Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2005-3352 (GCVE-0-2005-3352)
Vulnerability from cvelistv5
Published
2005-12-13 20:00
Modified
2024-08-07 23:10
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:10:08.408Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "17319", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17319", }, { name: "ADV-2006-3995", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3995", }, { name: "18526", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18526", }, { name: "20046", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20046", }, { name: "102662", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { name: "1015344", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015344", }, { name: "SSRT071293", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "DSA-1167", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1167", }, { name: "18339", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18339", }, { name: "SSRT061265", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "ADV-2006-4300", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4300", }, { name: "21744", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21744", }, { name: "SUSE-SR:2006:004", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { name: "18340", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18340", }, { name: "ADV-2008-1246", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { name: "HPSBUX02164", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "SSRT061269", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "20670", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/20670", }, { name: "SSRT090208", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "23260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23260", }, { name: "RHSA-2006:0159", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { name: "18008", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18008", }, { name: "SUSE-SA:2006:043", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { name: "ADV-2006-2423", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/2423", }, { name: "ADV-2008-0924", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "MDKSA-2006:007", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { name: "29849", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29849", }, { name: "18333", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18333", }, { name: "ADV-2006-4015", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4015", }, { name: "USN-241-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { name: "TA08-150A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "20060101-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "OpenPKG-SA-2005.029", tags: [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred", ], url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { name: "22368", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22368", }, { name: "HPSBUX02145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "102663", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { name: "RHSA-2006:0158", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { name: "29420", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29420", }, { name: "FLSA-2006:175406", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { name: "FEDORA-2006-052", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { name: "SUSE-SR:2007:011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { name: "ADV-2006-4868", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4868", }, { name: "APPLE-SA-2008-03-18", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "HPSBMA02328", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "30430", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30430", }, { name: "APPLE-SA-2008-05-28", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { name: "HPSBOV02683", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { name: "18517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18517", }, { name: "22669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22669", }, { name: "TSLSA-2005-0074", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2005/0074/", }, { name: "SSA:2006-129-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { name: "PK16139", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { name: "oval:org.mitre.oval:def:10480", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, { name: "RHSA-2006:0692", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { name: "SSRT061202", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "18585", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18585", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "PK25355", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { name: "GLSA-200602-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { name: "ADV-2008-1697", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "19012", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19012", }, { name: "18429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18429", }, { name: "15834", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/15834", }, { name: "ADV-2005-2870", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2870", }, { name: "SSA:2006-130-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { name: "18743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18743", }, { name: "25239", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25239", }, { name: "HPSBUX02172", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "22140", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22140", }, { name: "22388", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22388", }, { name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-12-12T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-06T10:09:43", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "17319", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17319", }, { name: "ADV-2006-3995", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3995", }, { name: "18526", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18526", }, { name: "20046", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20046", }, { name: "102662", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { name: "1015344", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015344", }, { name: "SSRT071293", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "DSA-1167", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1167", }, { name: "18339", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18339", }, { name: "SSRT061265", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "ADV-2006-4300", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4300", }, { name: "21744", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21744", }, { name: "SUSE-SR:2006:004", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { name: "18340", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18340", }, { name: "ADV-2008-1246", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { name: "HPSBUX02164", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "SSRT061269", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "20670", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/20670", }, { name: "SSRT090208", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "23260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23260", }, { name: "RHSA-2006:0159", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { name: "18008", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18008", }, { name: "SUSE-SA:2006:043", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { name: "ADV-2006-2423", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/2423", }, { name: "ADV-2008-0924", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "MDKSA-2006:007", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { name: "29849", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29849", }, { name: "18333", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18333", }, { name: "ADV-2006-4015", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4015", }, { name: "USN-241-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { name: "TA08-150A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "20060101-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "OpenPKG-SA-2005.029", tags: [ "vendor-advisory", "x_refsource_OPENPKG", ], url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { name: "22368", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22368", }, { name: "HPSBUX02145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "102663", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { name: "RHSA-2006:0158", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { name: "29420", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29420", }, { name: "FLSA-2006:175406", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { name: "FEDORA-2006-052", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { name: "SUSE-SR:2007:011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { name: "ADV-2006-4868", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4868", }, { name: "APPLE-SA-2008-03-18", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "HPSBMA02328", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "30430", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30430", }, { name: "APPLE-SA-2008-05-28", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { name: "HPSBOV02683", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { name: "18517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18517", }, { name: "22669", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22669", }, { name: "TSLSA-2005-0074", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2005/0074/", }, { name: "SSA:2006-129-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { name: "PK16139", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { name: "oval:org.mitre.oval:def:10480", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, { name: "RHSA-2006:0692", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { name: "SSRT061202", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "18585", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18585", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "PK25355", tags: [ "vendor-advisory", "x_refsource_AIXAPAR", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { name: "GLSA-200602-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { name: "ADV-2008-1697", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "19012", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19012", }, { name: "18429", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18429", }, { name: "15834", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/15834", }, { name: "ADV-2005-2870", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2870", }, { name: "SSA:2006-130-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { name: "18743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18743", }, { name: "25239", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25239", }, { name: "HPSBUX02172", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "22140", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22140", }, { name: "22388", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22388", }, { name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2005-3352", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "17319", refsource: "SECUNIA", url: "http://secunia.com/advisories/17319", }, { name: "ADV-2006-3995", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/3995", }, { name: "18526", refsource: "SECUNIA", url: "http://secunia.com/advisories/18526", }, { name: "20046", refsource: "SECUNIA", url: "http://secunia.com/advisories/20046", }, { name: "102662", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { name: "1015344", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015344", }, { name: "SSRT071293", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "DSA-1167", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1167", }, { name: "18339", refsource: "SECUNIA", url: "http://secunia.com/advisories/18339", }, { name: "SSRT061265", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "ADV-2006-4300", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/4300", }, { name: "21744", refsource: "SECUNIA", url: "http://secunia.com/advisories/21744", }, { name: "SUSE-SR:2006:004", refsource: "SUSE", url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { name: "18340", refsource: "SECUNIA", url: "http://secunia.com/advisories/18340", }, { name: "ADV-2008-1246", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { name: "HPSBUX02164", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "SSRT061269", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "20670", refsource: "SECUNIA", url: "http://secunia.com/advisories/20670", }, { name: "SSRT090208", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "23260", refsource: "SECUNIA", url: "http://secunia.com/advisories/23260", }, { name: "RHSA-2006:0159", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { name: "18008", refsource: "SECUNIA", url: "http://secunia.com/advisories/18008", }, { name: "SUSE-SA:2006:043", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { name: "ADV-2006-2423", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/2423", }, { name: "ADV-2008-0924", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "MDKSA-2006:007", refsource: "MANDRIVA", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { name: "29849", refsource: "SECUNIA", url: "http://secunia.com/advisories/29849", }, { name: "18333", refsource: "SECUNIA", url: "http://secunia.com/advisories/18333", }, { name: "ADV-2006-4015", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/4015", }, { name: "USN-241-1", refsource: "UBUNTU", url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { name: "TA08-150A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "20060101-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "OpenPKG-SA-2005.029", refsource: "OPENPKG", url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { name: "22368", refsource: "SECUNIA", url: "http://secunia.com/advisories/22368", }, { name: "HPSBUX02145", refsource: "HP", url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "102663", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { name: "RHSA-2006:0158", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { name: "29420", refsource: "SECUNIA", url: "http://secunia.com/advisories/29420", }, { name: "FLSA-2006:175406", refsource: "FEDORA", url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { name: "FEDORA-2006-052", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { name: "SUSE-SR:2007:011", refsource: "SUSE", url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { name: "ADV-2006-4868", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/4868", }, { name: "APPLE-SA-2008-03-18", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "HPSBMA02328", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "30430", refsource: "SECUNIA", url: "http://secunia.com/advisories/30430", }, { name: "APPLE-SA-2008-05-28", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { name: "HPSBOV02683", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", refsource: "CONFIRM", url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { name: "18517", refsource: "SECUNIA", url: "http://secunia.com/advisories/18517", }, { name: "22669", refsource: "SECUNIA", url: "http://secunia.com/advisories/22669", }, { name: "TSLSA-2005-0074", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2005/0074/", }, { name: "SSA:2006-129-01", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { name: "PK16139", refsource: "AIXAPAR", url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { name: "oval:org.mitre.oval:def:10480", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, { name: "RHSA-2006:0692", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { name: "SSRT061202", refsource: "HP", url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "18585", refsource: "SECUNIA", url: "http://secunia.com/advisories/18585", }, { name: "http://docs.info.apple.com/article.html?artnum=307562", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "PK25355", refsource: "AIXAPAR", url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { name: "GLSA-200602-03", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { name: "ADV-2008-1697", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "19012", refsource: "SECUNIA", url: "http://secunia.com/advisories/19012", }, { name: "18429", refsource: "SECUNIA", url: "http://secunia.com/advisories/18429", }, { name: "15834", refsource: "BID", url: "http://www.securityfocus.com/bid/15834", }, { name: "ADV-2005-2870", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2870", }, { name: "SSA:2006-130-01", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { name: "18743", refsource: "SECUNIA", url: "http://secunia.com/advisories/18743", }, { name: "25239", refsource: "SECUNIA", url: "http://secunia.com/advisories/25239", }, { name: "HPSBUX02172", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "22140", refsource: "SECUNIA", url: "http://secunia.com/advisories/22140", }, { name: "22388", refsource: "SECUNIA", url: "http://secunia.com/advisories/22388", }, { name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-3352", datePublished: "2005-12-13T20:00:00", dateReserved: "2005-10-27T00:00:00", dateUpdated: "2024-08-07T23:10:08.408Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.3.35\", \"matchCriteriaId\": \"389EC30E-F3B0-46AF-8130-546886042780\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0\", \"versionEndExcluding\": \"2.0.56\", \"matchCriteriaId\": \"6FAFA4DB-88A2-4F63-8E9D-17DAC2DD94E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACBC75F8-C1AF-45AE-91BA-5670EF2D0DCD\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el m\\u00f3dulo mod_imap de Apache httpd anteriores a 1.3.35-dev y Apache httpd 2.0.x anteriores a 2.0.56-dev permite a atacantes remotos inyectar 'script' web o HTML de su elecci\\u00f3n mediante el Referente cuando se usan mapas de im\\u00e1genes.\"}]", id: "CVE-2005-3352", lastModified: "2024-11-21T00:01:41.280", metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}", published: "2005-12-13T20:03:00.000", references: "[{\"url\": \"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307562\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2006-0159.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2006-0692.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/17319\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\", \"URL Repurposed\"]}, {\"url\": \"http://secunia.com/advisories/18008\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18333\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18339\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18340\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18429\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18517\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18526\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18585\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18743\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/19012\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/20046\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/20670\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/21744\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Not Applicable\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22140\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22368\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22388\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22669\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/23260\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/25239\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29420\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29849\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30430\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1015344\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2006/dsa-1167\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2006_43_apache.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2006-0158.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/425399/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/445206/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/445206/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450315/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450315/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450321/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450321/100/0/threaded\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/15834\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.trustix.org/errata/2005/0074/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntulinux.org/usn/usn-241-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2870\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2423\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3995\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4015\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4300\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4868\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0924/references\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1246/references\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1697\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307562\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=130497311408250&w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2006-0159.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2006-0692.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/17319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\", \"URL Repurposed\"]}, {\"url\": \"http://secunia.com/advisories/18008\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18333\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18339\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18340\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18429\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18517\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18526\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18585\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/18743\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/19012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/20046\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/20670\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://secunia.com/advisories/21744\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22368\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22388\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/22669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/23260\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/25239\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29420\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29849\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30430\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1015344\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2006/dsa-1167\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.novell.com/linux/security/advisories/2006_43_apache.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2006-0158.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/425399/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/445206/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/445206/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450315/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450315/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450321/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/450321/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/15834\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.trustix.org/errata/2005/0074/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.ubuntulinux.org/usn/usn-241-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2870\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2423\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3995\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4015\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4300\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/4868\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0924/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1246/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1697\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]", sourceIdentifier: "secalert@redhat.com", vendorComments: "[{\"organization\": \"Apache\", \"comment\": \"Fixed in Apache HTTP Server 2.2.2, 2.0.58, and 1.3.35: http://httpd.apache.org/security/vulnerabilities_22.html\\nhttp://httpd.apache.org/security/vulnerabilities_20.html\\nhttp://httpd.apache.org/security/vulnerabilities_13.html\", \"lastModified\": \"2008-07-02T00:00:00\"}]", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2005-3352\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2005-12-13T20:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo mod_imap de Apache httpd anteriores a 1.3.35-dev y Apache httpd 2.0.x anteriores a 2.0.56-dev permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el Referente cuando se usan mapas de imágenes.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.35\",\"matchCriteriaId\":\"389EC30E-F3B0-46AF-8130-546886042780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"2.0.56\",\"matchCriteriaId\":\"6FAFA4DB-88A2-4F63-8E9D-17DAC2DD94E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACBC75F8-C1AF-45AE-91BA-5670EF2D0DCD\"}]}]}],\"references\":[{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307562\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2006-0159.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2006-0692.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/17319\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\",\"URL Repurposed\"]},{\"url\":\"http://secunia.com/advisories/18008\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18333\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18339\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18340\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18429\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18517\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18526\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18585\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18743\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/19012\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/20046\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/20670\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/21744\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22140\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22368\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22388\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22669\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/23260\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/25239\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29420\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29849\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30430\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015344\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1167\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_43_apache.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0158.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/425399/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/445206/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/445206/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450315/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450315/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450321/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450321/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/15834\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.trustix.org/errata/2005/0074/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntulinux.org/usn/usn-241-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2005/2870\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2423\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3995\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4015\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4300\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4868\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0924/references\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1246/references\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1697\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=130497311408250&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2006-0159.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2006-0692.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/17319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\",\"URL Repurposed\"]},{\"url\":\"http://secunia.com/advisories/18008\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18339\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18429\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18517\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18526\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/18743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/19012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/20046\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/20670\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/21744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22388\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/22669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/23260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/25239\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29849\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30430\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015344\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1167\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_43_apache.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0158.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/425399/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/445206/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/445206/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450315/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450315/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450321/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/450321/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/15834\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.trustix.org/errata/2005/0074/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntulinux.org/usn/usn-241-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2005/2870\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3995\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4015\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4300\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4868\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0924/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1246/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}],\"vendorComments\":[{\"organization\":\"Apache\",\"comment\":\"Fixed in Apache HTTP Server 2.2.2, 2.0.58, and 1.3.35: http://httpd.apache.org/security/vulnerabilities_22.html\\nhttp://httpd.apache.org/security/vulnerabilities_20.html\\nhttp://httpd.apache.org/security/vulnerabilities_13.html\",\"lastModified\":\"2008-07-02T00:00:00\"}]}}", }, }
RHSA-2006:0159
Vulnerability from csaf_redhat
Published
2006-01-05 15:59
Modified
2024-11-22 00:08
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated Apache httpd packages that correct three security issues are now
available for Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP Server is a popular and freely-available Web server.
A memory leak in the worker MPM could allow remote attackers to cause a
denial of service (memory consumption) via aborted connections, which
prevents the memory for the transaction pool from being reused for other
connections. The Common Vulnerabilities and Exposures project assigned the
name CVE-2005-2970 to this issue. This vulnerability only affects users
who are using the non-default worker MPM.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. (CVE-2005-3352)
A NULL pointer dereference flaw in mod_ssl was discovered affecting server
configurations where an SSL virtual host is configured with access control
and a custom 400 error document. A remote attacker could send a carefully
crafted request to trigger this issue which would lead to a crash. This
crash would only be a denial of service if using the non-default worker
MPM. (CVE-2005-3357)
Users of httpd should update to these erratum packages which contain
backported patches to correct these issues along with some additional bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Apache httpd packages that correct three security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause a\ndenial of service (memory consumption) via aborted connections, which\nprevents the memory for the transaction pool from being reused for other\nconnections. The Common Vulnerabilities and Exposures project assigned the\nname CVE-2005-2970 to this issue. This vulnerability only affects users\nwho are using the non-default worker MPM.\n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\nconfigurations where an SSL virtual host is configured with access control\nand a custom 400 error document. A remote attacker could send a carefully\ncrafted request to trigger this issue which would lead to a crash. This\ncrash would only be a denial of service if using the non-default worker\nMPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional bugs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0159", url: "https://access.redhat.com/errata/RHSA-2006:0159", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "170383", url: "https://bugzilla.redhat.com/show_bug.cgi?id=170383", }, { category: "external", summary: "171756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=171756", }, { category: "external", summary: "175602", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175602", }, { category: "external", summary: "175720", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175720", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0159.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-11-22T00:08:07+00:00", generator: { date: "2024-11-22T00:08:07+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2006:0159", initial_release_date: "2006-01-05T15:59:00+00:00", revision_history: [ { date: "2006-01-05T15:59:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-01-05T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T00:08:07+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 3", product: { name: "Red Hat Enterprise Linux AS version 3", product_id: "3AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::as", }, }, }, { category: "product_name", name: "Red Hat Desktop version 3", product: { name: "Red Hat Desktop version 3", product_id: "3Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 3", product: { name: "Red Hat Enterprise Linux ES version 3", product_id: "3ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 3", product: { name: "Red Hat Enterprise Linux WS version 3", product_id: "3WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::ws", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS version 4", product: { name: "Red Hat Enterprise Linux AS version 4", product_id: "4AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop version 4", product: { name: "Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4", product: { name: "Red Hat Enterprise Linux ES version 4", product_id: "4ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4", product: { name: "Red Hat Enterprise Linux WS version 4", product_id: "4WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product_id: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.ia64", product: { name: "httpd-0:2.0.46-56.ent.ia64", product_id: "httpd-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.ia64", product: { name: "httpd-devel-0:2.0.46-56.ent.ia64", product_id: "httpd-devel-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.ia64", product: { name: "mod_ssl-1:2.0.46-56.ent.ia64", product_id: "mod_ssl-1:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=ia64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.ia64", product: { name: "mod_ssl-1:2.0.52-22.ent.ia64", product_id: "mod_ssl-1:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=ia64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product_id: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.ia64", product: { name: "httpd-devel-0:2.0.52-22.ent.ia64", product_id: "httpd-devel-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.ia64", product: { name: "httpd-0:2.0.52-22.ent.ia64", product_id: "httpd-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.ia64", product: { name: "httpd-manual-0:2.0.52-22.ent.ia64", product_id: "httpd-manual-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.ia64", product: { name: "httpd-suexec-0:2.0.52-22.ent.ia64", product_id: "httpd-suexec-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product_id: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.x86_64", product: { name: "httpd-0:2.0.46-56.ent.x86_64", product_id: "httpd-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.x86_64", product: { name: "httpd-devel-0:2.0.46-56.ent.x86_64", product_id: "httpd-devel-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.x86_64", product: { name: "mod_ssl-1:2.0.46-56.ent.x86_64", product_id: "mod_ssl-1:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.x86_64", product: { name: "mod_ssl-1:2.0.52-22.ent.x86_64", product_id: "mod_ssl-1:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product_id: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.x86_64", product: { name: "httpd-devel-0:2.0.52-22.ent.x86_64", product_id: "httpd-devel-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.x86_64", product: { name: "httpd-0:2.0.52-22.ent.x86_64", product_id: "httpd-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.x86_64", product: { name: "httpd-manual-0:2.0.52-22.ent.x86_64", product_id: "httpd-manual-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.x86_64", product: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64", product_id: "httpd-suexec-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.i386", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386", product_id: "httpd-debuginfo-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.i386", product: { name: "httpd-0:2.0.46-56.ent.i386", product_id: "httpd-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.i386", product: { name: "httpd-devel-0:2.0.46-56.ent.i386", product_id: "httpd-devel-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.i386", product: { name: "mod_ssl-1:2.0.46-56.ent.i386", product_id: "mod_ssl-1:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.i386", product: { name: "mod_ssl-1:2.0.52-22.ent.i386", product_id: "mod_ssl-1:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.i386", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386", product_id: "httpd-debuginfo-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.i386", product: { name: "httpd-devel-0:2.0.52-22.ent.i386", product_id: "httpd-devel-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.i386", product: { name: "httpd-0:2.0.52-22.ent.i386", product_id: "httpd-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.i386", product: { name: "httpd-manual-0:2.0.52-22.ent.i386", product_id: "httpd-manual-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.i386", product: { name: "httpd-suexec-0:2.0.52-22.ent.i386", product_id: "httpd-suexec-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "httpd-0:2.0.46-56.ent.src", product: { name: "httpd-0:2.0.46-56.ent.src", product_id: "httpd-0:2.0.46-56.ent.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=src", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.src", product: { name: "httpd-0:2.0.52-22.ent.src", product_id: "httpd-0:2.0.52-22.ent.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product_id: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.ppc", product: { name: "httpd-0:2.0.46-56.ent.ppc", product_id: "httpd-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.ppc", product: { name: "httpd-devel-0:2.0.46-56.ent.ppc", product_id: "httpd-devel-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.ppc", product: { name: "mod_ssl-1:2.0.46-56.ent.ppc", product_id: "mod_ssl-1:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=ppc&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.ppc", product: { name: "mod_ssl-1:2.0.52-22.ent.ppc", product_id: "mod_ssl-1:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=ppc&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product_id: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.ppc", product: { name: "httpd-devel-0:2.0.52-22.ent.ppc", product_id: "httpd-devel-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.ppc", product: { name: "httpd-0:2.0.52-22.ent.ppc", product_id: "httpd-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.ppc", product: { name: "httpd-manual-0:2.0.52-22.ent.ppc", product_id: "httpd-manual-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.ppc", product: { name: "httpd-suexec-0:2.0.52-22.ent.ppc", product_id: "httpd-suexec-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product_id: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.s390x", product: { name: "httpd-0:2.0.46-56.ent.s390x", product_id: "httpd-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.s390x", product: { name: "httpd-devel-0:2.0.46-56.ent.s390x", product_id: "httpd-devel-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.s390x", product: { name: "mod_ssl-1:2.0.46-56.ent.s390x", product_id: "mod_ssl-1:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.s390x", product: { name: "mod_ssl-1:2.0.52-22.ent.s390x", product_id: "mod_ssl-1:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product_id: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.s390x", product: { name: "httpd-devel-0:2.0.52-22.ent.s390x", product_id: "httpd-devel-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.s390x", product: { name: "httpd-0:2.0.52-22.ent.s390x", product_id: "httpd-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.s390x", product: { name: "httpd-manual-0:2.0.52-22.ent.s390x", product_id: "httpd-manual-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.s390x", product: { name: "httpd-suexec-0:2.0.52-22.ent.s390x", product_id: "httpd-suexec-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.s390", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390", product_id: "httpd-debuginfo-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.s390", product: { name: "httpd-0:2.0.46-56.ent.s390", product_id: "httpd-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.s390", product: { name: "httpd-devel-0:2.0.46-56.ent.s390", product_id: "httpd-devel-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.s390", product: { name: "mod_ssl-1:2.0.46-56.ent.s390", product_id: "mod_ssl-1:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=s390&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.s390", product: { name: "mod_ssl-1:2.0.52-22.ent.s390", product_id: "mod_ssl-1:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=s390&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.s390", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390", product_id: "httpd-debuginfo-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.s390", product: { name: "httpd-devel-0:2.0.52-22.ent.s390", product_id: "httpd-devel-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.s390", product: { name: "httpd-0:2.0.52-22.ent.s390", product_id: "httpd-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.s390", product: { name: "httpd-manual-0:2.0.52-22.ent.s390", product_id: "httpd-manual-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.s390", product: { name: "httpd-suexec-0:2.0.52-22.ent.s390", product_id: "httpd-suexec-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, ], }, vulnerabilities: [ { cve: "CVE-2005-2970", discovery_date: "2005-10-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617769", }, ], notes: [ { category: "description", text: "Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2970", }, { category: "external", summary: "RHBZ#1617769", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617769", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2970", url: "https://www.cve.org/CVERecord?id=CVE-2005-2970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2970", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2970", }, ], release_date: "2005-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2005-3357", discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617818", }, ], notes: [ { category: "description", text: "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3357", }, { category: "external", summary: "RHBZ#1617818", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617818", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3357", url: "https://www.cve.org/CVERecord?id=CVE-2005-3357", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3357", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3357", }, ], release_date: "2005-12-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, ], }
rhsa-2005:882
Vulnerability from csaf_redhat
Published
2005-12-19 17:29
Modified
2024-11-22 00:00
Summary
Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold that fix security issues in
mod_ssl, mod_imap, OpenSSL, and PHP are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
Stronghold 4 contains a number of open source technologies, including
mod_ssl and the Apache HTTP Server.
Several security issues have been found that affect cross-platform
Stronghold 4:
A flaw in mod_imap when using the Referer directive with image maps. With
certain site configurations, a remote attacker could perform a cross-site
scripting attack if a victim can be forced to visit a malicious URL using
certain web browsers. (CVE-2005-3352)
A flaw in mod_ssl triggered if a virtual host was configured using
"SSLVerifyClient optional" and a directive "SSLVerifyClient required" is
set for a specific location. For servers configured in this fashion, an
attacker may be able to access resources that should otherwise be
protected. (CVE-2005-2700)
Flaws in shmop_write, pack, and unpack PHP functions. These functions are
not normally passed user-supplied data, so would require a malicious PHP
script to be exploited. (CVE-2004-1018)
Various flaws, including possible information disclosure, double free, and
negative reference index array underflow in the deserialization code of
PHP. PHP applications may use the unserialize function of untrusted user
data, which could allow a remote attacker to gain access to memory or
potentially execute arbitrary code. (CVE-2004-1019)
A flaw in the way PHP registers global variables during a file upload
request. A remote attacker could submit a carefully crafted
multipart/form-data POST request that would overwrite the $GLOBALS array,
altering expected script behavior, and possibly leading to the execution of
arbitrary PHP commands. Note that this vulnerability only affects
installations which have register_globals enabled in the PHP configuration
file, which is not a default or recommended option. (CVE-2005-3390)
A flaw in the PHP parse_str() function. If a PHP script passes only one
argument to the parse_str() function, and the script can be forced to abort
execution during operation (for example due to the memory_limit setting),
the register_globals may be enabled even if it is disabled in the PHP
configuration file. This vulnerability only affects installations that have
PHP scripts using the parse_str function in this way. (CVE-2005-3389)
A Cross-Site Scripting flaw in the phpinfo() function. If a victim can be
tricked into following a malicious URL to a site with a page displaying the
phpinfo() output, it may be possible to inject javascript or HTML content
into the displayed page or steal data such as cookies. This vulnerability
only affects installations that allow users to view the output of the
phpinfo() function. As the phpinfo() function outputs a large amount of
information about the current state of PHP, it should only be used during
debugging or if protected by authentication. (CVE-2005-3388)
OpenSSL contained a software work-around for a bug in SSL handling in
Microsoft Internet Explorer version 3.0.2. This work-around is enabled in
most servers that use OpenSSL to provide support for SSL and TLS. Yutaka
Oiwa discovered that this work-around could allow an attacker, acting as a
"man in the middle", to force an SSL connection to use SSL 2.0 rather than
a stronger protocol such as SSL 3.0 or TLS 1.0. (CAN-2005-2969)
Colin Percival reported a cache timing attack that could allow a malicious
local user to gain portions of cryptographic keys. The OpenSSL library has
been patched to add a new fixed-window mod_exp implementation as default
for RSA, DSA, and DH private-key operations. This patch is designed to
mitigate cache timing and potentially related attacks. (CVE-2005-0109)
Stronghold users are advised to upgrade to these updated packages, which
resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of cross-platform Stronghold that fix security issues in\nmod_ssl, mod_imap, OpenSSL, and PHP are now available.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "Stronghold 4 contains a number of open source technologies, including\nmod_ssl and the Apache HTTP Server.\n\nSeveral security issues have been found that affect cross-platform\nStronghold 4: \n\nA flaw in mod_imap when using the Referer directive with image maps. With\ncertain site configurations, a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious URL using\ncertain web browsers. (CVE-2005-3352) \n\nA flaw in mod_ssl triggered if a virtual host was configured using\n\"SSLVerifyClient optional\" and a directive \"SSLVerifyClient required\" is\nset for a specific location. For servers configured in this fashion, an\nattacker may be able to access resources that should otherwise be\nprotected. (CVE-2005-2700) \n\nFlaws in shmop_write, pack, and unpack PHP functions. These functions are\nnot normally passed user-supplied data, so would require a malicious PHP\nscript to be exploited. (CVE-2004-1018) \n\nVarious flaws, including possible information disclosure, double free, and\nnegative reference index array underflow in the deserialization code of\nPHP. PHP applications may use the unserialize function of untrusted user\ndata, which could allow a remote attacker to gain access to memory or\npotentially execute arbitrary code. (CVE-2004-1019) \n\nA flaw in the way PHP registers global variables during a file upload\nrequest. A remote attacker could submit a carefully crafted\nmultipart/form-data POST request that would overwrite the $GLOBALS array,\naltering expected script behavior, and possibly leading to the execution of\narbitrary PHP commands. Note that this vulnerability only affects\ninstallations which have register_globals enabled in the PHP configuration\nfile, which is not a default or recommended option. (CVE-2005-3390)\n\nA flaw in the PHP parse_str() function. If a PHP script passes only one\nargument to the parse_str() function, and the script can be forced to abort\nexecution during operation (for example due to the memory_limit setting),\nthe register_globals may be enabled even if it is disabled in the PHP\nconfiguration file. This vulnerability only affects installations that have\nPHP scripts using the parse_str function in this way. (CVE-2005-3389)\n\nA Cross-Site Scripting flaw in the phpinfo() function. If a victim can be\ntricked into following a malicious URL to a site with a page displaying the\nphpinfo() output, it may be possible to inject javascript or HTML content\ninto the displayed page or steal data such as cookies. This vulnerability\nonly affects installations that allow users to view the output of the\nphpinfo() function. As the phpinfo() function outputs a large amount of\ninformation about the current state of PHP, it should only be used during\ndebugging or if protected by authentication. (CVE-2005-3388) \n\nOpenSSL contained a software work-around for a bug in SSL handling in\nMicrosoft Internet Explorer version 3.0.2. This work-around is enabled in\nmost servers that use OpenSSL to provide support for SSL and TLS. Yutaka\nOiwa discovered that this work-around could allow an attacker, acting as a\n\"man in the middle\", to force an SSL connection to use SSL 2.0 rather than\na stronger protocol such as SSL 3.0 or TLS 1.0. (CAN-2005-2969)\n\nColin Percival reported a cache timing attack that could allow a malicious\nlocal user to gain portions of cryptographic keys. The OpenSSL library has\nbeen patched to add a new fixed-window mod_exp implementation as default\nfor RSA, DSA, and DH private-key operations. This patch is designed to\nmitigate cache timing and potentially related attacks. (CVE-2005-0109)\n\nStronghold users are advised to upgrade to these updated packages, which\nresolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2005:882", url: "https://access.redhat.com/errata/RHSA-2005:882", }, { category: "external", summary: "http://stronghold.redhat.com/support/upgrade-sh4", url: "http://stronghold.redhat.com/support/upgrade-sh4", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_882.json", }, ], title: "Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold", tracking: { current_release_date: "2024-11-22T00:00:58+00:00", generator: { date: "2024-11-22T00:00:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2005:882", initial_release_date: "2005-12-19T17:29:00+00:00", revision_history: [ { date: "2005-12-19T17:29:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-11-20T15:43:12+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T00:00:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2004-1018", discovery_date: "2004-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617352", }, ], notes: [ { category: "description", text: "Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an \"integer overflow/underflow\" in the pack function, or (3) an \"integer overflow/underflow\" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-1018", }, { category: "external", summary: "RHBZ#1617352", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617352", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-1018", url: "https://www.cve.org/CVERecord?id=CVE-2004-1018", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-1018", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-1018", }, ], release_date: "2004-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2004-1019", discovery_date: "2004-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617353", }, ], notes: [ { category: "description", text: "The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger \"information disclosure, double-free and negative reference index array underflow\" results.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-1019", }, { category: "external", summary: "RHBZ#1617353", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617353", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-1019", url: "https://www.cve.org/CVERecord?id=CVE-2004-1019", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-1019", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-1019", }, ], release_date: "2004-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2005-0109", discovery_date: "2005-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617463", }, ], notes: [ { category: "description", text: "Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-0109", }, { category: "external", summary: "RHBZ#1617463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-0109", url: "https://www.cve.org/CVERecord?id=CVE-2005-0109", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-0109", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-0109", }, ], release_date: "2005-05-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2005-2700", discovery_date: "2005-08-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617741", }, ], notes: [ { category: "description", text: "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2700", }, { category: "external", summary: "RHBZ#1617741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617741", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2700", url: "https://www.cve.org/CVERecord?id=CVE-2005-2700", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2700", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2700", }, ], release_date: "2005-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2005-2969", discovery_date: "2005-10-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430660", }, ], notes: [ { category: "description", text: "The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.", title: "Vulnerability description", }, { category: "summary", text: "openssl mitm downgrade attack", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2969", }, { category: "external", summary: "RHBZ#430660", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430660", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2969", url: "https://www.cve.org/CVERecord?id=CVE-2005-2969", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2969", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2969", }, ], release_date: "2005-10-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl mitm downgrade attack", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2005-3388", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617821", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a \"stacked array assignment.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3388", }, { category: "external", summary: "RHBZ#1617821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617821", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3388", url: "https://www.cve.org/CVERecord?id=CVE-2005-3388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3388", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3388", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3389", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617822", }, ], notes: [ { category: "description", text: "The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3389", }, { category: "external", summary: "RHBZ#1617822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3389", url: "https://www.cve.org/CVERecord?id=CVE-2005-3389", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3389", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3389", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3390", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617823", }, ], notes: [ { category: "description", text: "The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a \"GLOBALS\" fileupload field.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3390", }, { category: "external", summary: "RHBZ#1617823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617823", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3390", url: "https://www.cve.org/CVERecord?id=CVE-2005-3390", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3390", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3390", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
RHSA-2006:0158
Vulnerability from csaf_redhat
Published
2006-01-17 08:23
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: apache security update
Notes
Topic
Updated Apache httpd packages that correct a security issue are now
available for Red Hat Enterprise Linux 2.1.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP Server is a popular and freely-available Web server.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-3352 to this issue.
Users of apache should upgrade to these updated packages, which contain
a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Apache httpd packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP Server is a popular and freely-available Web server. \n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. The Common Vulnerabilities and\nExposures project assigned the name CVE-2005-3352 to this issue.\n\nUsers of apache should upgrade to these updated packages, which contain\na backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0158", url: "https://access.redhat.com/errata/RHSA-2006:0158", }, { category: "external", summary: "175714", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175714", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0158.json", }, ], title: "Red Hat Security Advisory: apache security update", tracking: { current_release_date: "2024-11-14T10:04:06+00:00", generator: { date: "2024-11-14T10:04:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2006:0158", initial_release_date: "2006-01-17T08:23:00+00:00", revision_history: [ { date: "2006-01-17T08:23:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-01-17T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:04:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-17T08:23:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0158", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, ], }
rhsa-2008:0523
Vulnerability from csaf_redhat
Published
2008-06-30 15:29
Modified
2025-01-26 19:35
Summary
Red Hat Security Advisory: Red Hat Network Proxy Server security update
Notes
Topic
Red Hat Network Proxy Server version 4.2.3 is now available. This update
includes fixes for a number of security issues in Red Hat Network Proxy
Server components.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
Details
The Red Hat Network Proxy Server 4.2.3 release corrects several security
vulnerabilities in several shipped components. In a typical operating
environment, these components are not exposed to users of Proxy Server in a
vulnerable manner. These security updates will reduce risk in unique Proxy
Server environments.
Multiple flaws were fixed in the Apache HTTPD server. These flaws could
result in a cross-site scripting or denial-of-service attack.
(CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752,
CVE-2006-3918, CVE-2005-3352)
A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)
Multiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885)
A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)
Users of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3,
which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Network Proxy Server version 4.2.3 is now available. This update\nincludes fixes for a number of security issues in Red Hat Network Proxy\nServer components.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Red Hat Network Proxy Server 4.2.3 release corrects several security\nvulnerabilities in several shipped components. In a typical operating\nenvironment, these components are not exposed to users of Proxy Server in a\nvulnerable manner. These security updates will reduce risk in unique Proxy\nServer environments.\n\nMultiple flaws were fixed in the Apache HTTPD server. These flaws could\nresult in a cross-site scripting or denial-of-service attack.\n(CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752,\nCVE-2006-3918, CVE-2005-3352)\n\nA denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)\n\nMultiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885)\n\nA denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)\n\nUsers of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3,\nwhich resolves these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2008:0523", url: "https://access.redhat.com/errata/RHSA-2008:0523", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "449336", url: "https://bugzilla.redhat.com/show_bug.cgi?id=449336", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0523.json", }, ], title: "Red Hat Security Advisory: Red Hat Network Proxy Server security update", tracking: { current_release_date: "2025-01-26T19:35:55+00:00", generator: { date: "2025-01-26T19:35:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2008:0523", initial_release_date: "2008-06-30T15:29:00+00:00", revision_history: [ { date: "2008-06-30T15:29:00+00:00", number: "1", summary: "Initial version", }, { date: "2008-06-30T11:32:56+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-26T19:35:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product: { name: "Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2", product_identification_helper: { cpe: "cpe:/a:redhat:network_proxy:4.2::el3", }, }, }, { category: "product_name", name: "Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product: { name: "Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2", product_identification_helper: { cpe: "cpe:/a:redhat:network_proxy:4.2::el4", }, }, }, ], category: "product_family", name: "Red Hat Satellite Proxy", }, { branches: [ { category: "product_version", name: "jabberd-0:2.0s10-3.37.rhn.i386", product: { name: "jabberd-0:2.0s10-3.37.rhn.i386", product_id: "jabberd-0:2.0s10-3.37.rhn.i386", product_identification_helper: { purl: "pkg:rpm/redhat/jabberd@2.0s10-3.37.rhn?arch=i386", }, }, }, { category: "product_version", name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product: { name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product_id: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-apache@1.3.27-36.rhn.rhel3?arch=i386", }, }, }, { category: "product_version", name: "rhn-modperl-0:1.29-16.rhel3.i386", product: { name: "rhn-modperl-0:1.29-16.rhel3.i386", product_id: "rhn-modperl-0:1.29-16.rhel3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-modperl@1.29-16.rhel3?arch=i386", }, }, }, { category: "product_version", name: "jabberd-0:2.0s10-3.38.rhn.i386", product: { name: "jabberd-0:2.0s10-3.38.rhn.i386", product_id: "jabberd-0:2.0s10-3.38.rhn.i386", product_identification_helper: { purl: "pkg:rpm/redhat/jabberd@2.0s10-3.38.rhn?arch=i386", }, }, }, { category: "product_version", name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product: { name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product_id: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-apache@1.3.27-36.rhn.rhel4?arch=i386", }, }, }, { category: "product_version", name: "rhn-modperl-0:1.29-16.rhel4.i386", product: { name: "rhn-modperl-0:1.29-16.rhel4.i386", product_id: "rhn-modperl-0:1.29-16.rhel4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-modperl@1.29-16.rhel4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jabberd-0:2.0s10-3.37.rhn.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", }, product_reference: "jabberd-0:2.0s10-3.37.rhn.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", }, product_reference: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-modperl-0:1.29-16.rhel3.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", }, product_reference: "rhn-modperl-0:1.29-16.rhel3.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "jabberd-0:2.0s10-3.38.rhn.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", }, product_reference: "jabberd-0:2.0s10-3.38.rhn.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", }, product_reference: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-modperl-0:1.29-16.rhel4.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", }, product_reference: "rhn-modperl-0:1.29-16.rhel4.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2004-0488", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430867", }, ], notes: [ { category: "description", text: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.", title: "Vulnerability description", }, { category: "summary", text: "mod_ssl ssl_util_uuencode_binary CA issue", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0488", }, { category: "external", summary: "RHBZ#430867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430867", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0488", url: "https://www.cve.org/CVERecord?id=CVE-2004-0488", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0488", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0488", }, ], release_date: "2004-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_ssl ssl_util_uuencode_binary CA issue", }, { cve: "CVE-2004-0700", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430866", }, ], notes: [ { category: "description", text: "Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.", title: "Vulnerability description", }, { category: "summary", text: "mod_proxy hook format string", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0700", }, { category: "external", summary: "RHBZ#430866", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430866", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0700", url: "https://www.cve.org/CVERecord?id=CVE-2004-0700", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0700", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0700", }, ], release_date: "2004-07-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "mod_proxy hook format string", }, { cve: "CVE-2004-0885", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430637", }, ], notes: [ { category: "description", text: "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.", title: "Vulnerability description", }, { category: "summary", text: "mod_ssl SSLCipherSuite bypass", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0885", }, { category: "external", summary: "RHBZ#430637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430637", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0885", url: "https://www.cve.org/CVERecord?id=CVE-2004-0885", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0885", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0885", }, ], release_date: "2004-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_ssl SSLCipherSuite bypass", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2006-1329", ids: [ { system_name: "Red Hat Bugzilla ID", text: "429254", }, ], notes: [ { category: "description", text: "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\".", title: "Vulnerability description", }, { category: "summary", text: "jabberd SASL DoS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-1329", }, { category: "external", summary: "RHBZ#429254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=429254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-1329", url: "https://www.cve.org/CVERecord?id=CVE-2006-1329", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-1329", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-1329", }, ], release_date: "2006-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jabberd SASL DoS", }, { cve: "CVE-2006-3918", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2006-07-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "200732", }, ], notes: [ { category: "description", text: "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Expect header XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-3918", }, { category: "external", summary: "RHBZ#200732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=200732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-3918", url: "https://www.cve.org/CVERecord?id=CVE-2006-3918", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", }, ], release_date: "2006-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Expect header XSS", }, { cve: "CVE-2006-5752", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-06-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "245112", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified.", title: "Vulnerability description", }, { category: "summary", text: "httpd mod_status XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-5752", }, { category: "external", summary: "RHBZ#245112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=245112", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-5752", url: "https://www.cve.org/CVERecord?id=CVE-2006-5752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", }, ], release_date: "2007-06-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd mod_status XSS", }, { cve: "CVE-2007-1349", discovery_date: "2007-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "240423", }, ], notes: [ { category: "description", text: "PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.", title: "Vulnerability description", }, { category: "summary", text: "mod_perl PerlRun denial of service", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-1349", }, { category: "external", summary: "RHBZ#240423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=240423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-1349", url: "https://www.cve.org/CVERecord?id=CVE-2007-1349", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", }, ], release_date: "2007-03-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_perl PerlRun denial of service", }, { cve: "CVE-2007-3304", discovery_date: "2007-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "245111", }, ], notes: [ { category: "description", text: "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\"", title: "Vulnerability description", }, { category: "summary", text: "httpd scoreboard lack of PID protection", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-3304", }, { category: "external", summary: "RHBZ#245111", url: "https://bugzilla.redhat.com/show_bug.cgi?id=245111", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-3304", url: "https://www.cve.org/CVERecord?id=CVE-2007-3304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", }, ], release_date: "2007-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd scoreboard lack of PID protection", }, { cve: "CVE-2007-4465", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-09-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "289511", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.", title: "Vulnerability description", }, { category: "summary", text: "mod_autoindex XSS", title: "Vulnerability summary", }, { category: "other", text: "This is actually a flaw in browsers that do not derive the response character set as required by RFC 2616. This does not affect the default configuration of Apache httpd in Red Hat products and will only affect customers who have removed the \"AddDefaultCharset\" directive and are using directory indexes. The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.", title: "Statement", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-4465", }, { category: "external", summary: "RHBZ#289511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=289511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-4465", url: "https://www.cve.org/CVERecord?id=CVE-2007-4465", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-4465", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-4465", }, ], release_date: "2007-09-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "mod_autoindex XSS", }, { cve: "CVE-2007-5000", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-12-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "419931", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "Vulnerability description", }, { category: "summary", text: "httpd: mod_imagemap XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-5000", }, { category: "external", summary: "RHBZ#419931", url: "https://bugzilla.redhat.com/show_bug.cgi?id=419931", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-5000", url: "https://www.cve.org/CVERecord?id=CVE-2007-5000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-5000", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-5000", }, ], release_date: "2007-12-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "httpd: mod_imagemap XSS", }, { cve: "CVE-2007-6388", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2008-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "427228", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "Vulnerability description", }, { category: "summary", text: "apache mod_status cross-site scripting", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-6388", }, { category: "external", summary: "RHBZ#427228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=427228", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-6388", url: "https://www.cve.org/CVERecord?id=CVE-2007-6388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-6388", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-6388", }, ], release_date: "2007-12-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache mod_status cross-site scripting", }, ], }
rhsa-2006_0159
Vulnerability from csaf_redhat
Published
2006-01-05 15:59
Modified
2024-11-22 00:08
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated Apache httpd packages that correct three security issues are now
available for Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP Server is a popular and freely-available Web server.
A memory leak in the worker MPM could allow remote attackers to cause a
denial of service (memory consumption) via aborted connections, which
prevents the memory for the transaction pool from being reused for other
connections. The Common Vulnerabilities and Exposures project assigned the
name CVE-2005-2970 to this issue. This vulnerability only affects users
who are using the non-default worker MPM.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. (CVE-2005-3352)
A NULL pointer dereference flaw in mod_ssl was discovered affecting server
configurations where an SSL virtual host is configured with access control
and a custom 400 error document. A remote attacker could send a carefully
crafted request to trigger this issue which would lead to a crash. This
crash would only be a denial of service if using the non-default worker
MPM. (CVE-2005-3357)
Users of httpd should update to these erratum packages which contain
backported patches to correct these issues along with some additional bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Apache httpd packages that correct three security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause a\ndenial of service (memory consumption) via aborted connections, which\nprevents the memory for the transaction pool from being reused for other\nconnections. The Common Vulnerabilities and Exposures project assigned the\nname CVE-2005-2970 to this issue. This vulnerability only affects users\nwho are using the non-default worker MPM.\n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\nconfigurations where an SSL virtual host is configured with access control\nand a custom 400 error document. A remote attacker could send a carefully\ncrafted request to trigger this issue which would lead to a crash. This\ncrash would only be a denial of service if using the non-default worker\nMPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional bugs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0159", url: "https://access.redhat.com/errata/RHSA-2006:0159", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "170383", url: "https://bugzilla.redhat.com/show_bug.cgi?id=170383", }, { category: "external", summary: "171756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=171756", }, { category: "external", summary: "175602", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175602", }, { category: "external", summary: "175720", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175720", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0159.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-11-22T00:08:07+00:00", generator: { date: "2024-11-22T00:08:07+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2006:0159", initial_release_date: "2006-01-05T15:59:00+00:00", revision_history: [ { date: "2006-01-05T15:59:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-01-05T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T00:08:07+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 3", product: { name: "Red Hat Enterprise Linux AS version 3", product_id: "3AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::as", }, }, }, { category: "product_name", name: "Red Hat Desktop version 3", product: { name: "Red Hat Desktop version 3", product_id: "3Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 3", product: { name: "Red Hat Enterprise Linux ES version 3", product_id: "3ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 3", product: { name: "Red Hat Enterprise Linux WS version 3", product_id: "3WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::ws", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS version 4", product: { name: "Red Hat Enterprise Linux AS version 4", product_id: "4AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop version 4", product: { name: "Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4", product: { name: "Red Hat Enterprise Linux ES version 4", product_id: "4ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4", product: { name: "Red Hat Enterprise Linux WS version 4", product_id: "4WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product_id: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.ia64", product: { name: "httpd-0:2.0.46-56.ent.ia64", product_id: "httpd-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.ia64", product: { name: "httpd-devel-0:2.0.46-56.ent.ia64", product_id: "httpd-devel-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.ia64", product: { name: "mod_ssl-1:2.0.46-56.ent.ia64", product_id: "mod_ssl-1:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=ia64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.ia64", product: { name: "mod_ssl-1:2.0.52-22.ent.ia64", product_id: "mod_ssl-1:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=ia64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product_id: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.ia64", product: { name: "httpd-devel-0:2.0.52-22.ent.ia64", product_id: "httpd-devel-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.ia64", product: { name: "httpd-0:2.0.52-22.ent.ia64", product_id: "httpd-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.ia64", product: { name: "httpd-manual-0:2.0.52-22.ent.ia64", product_id: "httpd-manual-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.ia64", product: { name: "httpd-suexec-0:2.0.52-22.ent.ia64", product_id: "httpd-suexec-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product_id: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.x86_64", product: { name: "httpd-0:2.0.46-56.ent.x86_64", product_id: "httpd-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.x86_64", product: { name: "httpd-devel-0:2.0.46-56.ent.x86_64", product_id: "httpd-devel-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.x86_64", product: { name: "mod_ssl-1:2.0.46-56.ent.x86_64", product_id: "mod_ssl-1:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.x86_64", product: { name: "mod_ssl-1:2.0.52-22.ent.x86_64", product_id: "mod_ssl-1:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product_id: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.x86_64", product: { name: "httpd-devel-0:2.0.52-22.ent.x86_64", product_id: "httpd-devel-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.x86_64", product: { name: "httpd-0:2.0.52-22.ent.x86_64", product_id: "httpd-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.x86_64", product: { name: "httpd-manual-0:2.0.52-22.ent.x86_64", product_id: "httpd-manual-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.x86_64", product: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64", product_id: "httpd-suexec-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.i386", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386", product_id: "httpd-debuginfo-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.i386", product: { name: "httpd-0:2.0.46-56.ent.i386", product_id: "httpd-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.i386", product: { name: "httpd-devel-0:2.0.46-56.ent.i386", product_id: "httpd-devel-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.i386", product: { name: "mod_ssl-1:2.0.46-56.ent.i386", product_id: "mod_ssl-1:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.i386", product: { name: "mod_ssl-1:2.0.52-22.ent.i386", product_id: "mod_ssl-1:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.i386", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386", product_id: "httpd-debuginfo-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.i386", product: { name: "httpd-devel-0:2.0.52-22.ent.i386", product_id: "httpd-devel-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.i386", product: { name: "httpd-0:2.0.52-22.ent.i386", product_id: "httpd-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.i386", product: { name: "httpd-manual-0:2.0.52-22.ent.i386", product_id: "httpd-manual-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.i386", product: { name: "httpd-suexec-0:2.0.52-22.ent.i386", product_id: "httpd-suexec-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "httpd-0:2.0.46-56.ent.src", product: { name: "httpd-0:2.0.46-56.ent.src", product_id: "httpd-0:2.0.46-56.ent.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=src", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.src", product: { name: "httpd-0:2.0.52-22.ent.src", product_id: "httpd-0:2.0.52-22.ent.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product_id: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.ppc", product: { name: "httpd-0:2.0.46-56.ent.ppc", product_id: "httpd-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.ppc", product: { name: "httpd-devel-0:2.0.46-56.ent.ppc", product_id: "httpd-devel-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.ppc", product: { name: "mod_ssl-1:2.0.46-56.ent.ppc", product_id: "mod_ssl-1:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=ppc&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.ppc", product: { name: "mod_ssl-1:2.0.52-22.ent.ppc", product_id: "mod_ssl-1:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=ppc&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product_id: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.ppc", product: { name: "httpd-devel-0:2.0.52-22.ent.ppc", product_id: "httpd-devel-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.ppc", product: { name: "httpd-0:2.0.52-22.ent.ppc", product_id: "httpd-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.ppc", product: { name: "httpd-manual-0:2.0.52-22.ent.ppc", product_id: "httpd-manual-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.ppc", product: { name: "httpd-suexec-0:2.0.52-22.ent.ppc", product_id: "httpd-suexec-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product_id: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.s390x", product: { name: "httpd-0:2.0.46-56.ent.s390x", product_id: "httpd-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.s390x", product: { name: "httpd-devel-0:2.0.46-56.ent.s390x", product_id: "httpd-devel-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.s390x", product: { name: "mod_ssl-1:2.0.46-56.ent.s390x", product_id: "mod_ssl-1:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.s390x", product: { name: "mod_ssl-1:2.0.52-22.ent.s390x", product_id: "mod_ssl-1:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product_id: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.s390x", product: { name: "httpd-devel-0:2.0.52-22.ent.s390x", product_id: "httpd-devel-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.s390x", product: { name: "httpd-0:2.0.52-22.ent.s390x", product_id: "httpd-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.s390x", product: { name: "httpd-manual-0:2.0.52-22.ent.s390x", product_id: "httpd-manual-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.s390x", product: { name: "httpd-suexec-0:2.0.52-22.ent.s390x", product_id: "httpd-suexec-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.s390", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390", product_id: "httpd-debuginfo-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.s390", product: { name: "httpd-0:2.0.46-56.ent.s390", product_id: "httpd-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.s390", product: { name: "httpd-devel-0:2.0.46-56.ent.s390", product_id: "httpd-devel-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.s390", product: { name: "mod_ssl-1:2.0.46-56.ent.s390", product_id: "mod_ssl-1:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=s390&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.s390", product: { name: "mod_ssl-1:2.0.52-22.ent.s390", product_id: "mod_ssl-1:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=s390&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.s390", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390", product_id: "httpd-debuginfo-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.s390", product: { name: "httpd-devel-0:2.0.52-22.ent.s390", product_id: "httpd-devel-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.s390", product: { name: "httpd-0:2.0.52-22.ent.s390", product_id: "httpd-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.s390", product: { name: "httpd-manual-0:2.0.52-22.ent.s390", product_id: "httpd-manual-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.s390", product: { name: "httpd-suexec-0:2.0.52-22.ent.s390", product_id: "httpd-suexec-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, ], }, vulnerabilities: [ { cve: "CVE-2005-2970", discovery_date: "2005-10-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617769", }, ], notes: [ { category: "description", text: "Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2970", }, { category: "external", summary: "RHBZ#1617769", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617769", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2970", url: "https://www.cve.org/CVERecord?id=CVE-2005-2970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2970", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2970", }, ], release_date: "2005-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2005-3357", discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617818", }, ], notes: [ { category: "description", text: "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3357", }, { category: "external", summary: "RHBZ#1617818", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617818", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3357", url: "https://www.cve.org/CVERecord?id=CVE-2005-3357", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3357", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3357", }, ], release_date: "2005-12-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, ], }
rhsa-2008_0523
Vulnerability from csaf_redhat
Published
2008-06-30 15:29
Modified
2024-12-08 10:33
Summary
Red Hat Security Advisory: Red Hat Network Proxy Server security update
Notes
Topic
Red Hat Network Proxy Server version 4.2.3 is now available. This update
includes fixes for a number of security issues in Red Hat Network Proxy
Server components.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
Details
The Red Hat Network Proxy Server 4.2.3 release corrects several security
vulnerabilities in several shipped components. In a typical operating
environment, these components are not exposed to users of Proxy Server in a
vulnerable manner. These security updates will reduce risk in unique Proxy
Server environments.
Multiple flaws were fixed in the Apache HTTPD server. These flaws could
result in a cross-site scripting or denial-of-service attack.
(CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752,
CVE-2006-3918, CVE-2005-3352)
A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)
Multiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885)
A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)
Users of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3,
which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Network Proxy Server version 4.2.3 is now available. This update\nincludes fixes for a number of security issues in Red Hat Network Proxy\nServer components.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Red Hat Network Proxy Server 4.2.3 release corrects several security\nvulnerabilities in several shipped components. In a typical operating\nenvironment, these components are not exposed to users of Proxy Server in a\nvulnerable manner. These security updates will reduce risk in unique Proxy\nServer environments.\n\nMultiple flaws were fixed in the Apache HTTPD server. These flaws could\nresult in a cross-site scripting or denial-of-service attack.\n(CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752,\nCVE-2006-3918, CVE-2005-3352)\n\nA denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)\n\nMultiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885)\n\nA denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)\n\nUsers of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3,\nwhich resolves these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2008:0523", url: "https://access.redhat.com/errata/RHSA-2008:0523", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "449336", url: "https://bugzilla.redhat.com/show_bug.cgi?id=449336", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0523.json", }, ], title: "Red Hat Security Advisory: Red Hat Network Proxy Server security update", tracking: { current_release_date: "2024-12-08T10:33:39+00:00", generator: { date: "2024-12-08T10:33:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2008:0523", initial_release_date: "2008-06-30T15:29:00+00:00", revision_history: [ { date: "2008-06-30T15:29:00+00:00", number: "1", summary: "Initial version", }, { date: "2008-06-30T11:32:56+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-08T10:33:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product: { name: "Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2", product_identification_helper: { cpe: "cpe:/a:redhat:network_proxy:4.2::el3", }, }, }, { category: "product_name", name: "Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product: { name: "Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2", product_identification_helper: { cpe: "cpe:/a:redhat:network_proxy:4.2::el4", }, }, }, ], category: "product_family", name: "Red Hat Satellite Proxy", }, { branches: [ { category: "product_version", name: "jabberd-0:2.0s10-3.37.rhn.i386", product: { name: "jabberd-0:2.0s10-3.37.rhn.i386", product_id: "jabberd-0:2.0s10-3.37.rhn.i386", product_identification_helper: { purl: "pkg:rpm/redhat/jabberd@2.0s10-3.37.rhn?arch=i386", }, }, }, { category: "product_version", name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product: { name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product_id: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-apache@1.3.27-36.rhn.rhel3?arch=i386", }, }, }, { category: "product_version", name: "rhn-modperl-0:1.29-16.rhel3.i386", product: { name: "rhn-modperl-0:1.29-16.rhel3.i386", product_id: "rhn-modperl-0:1.29-16.rhel3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-modperl@1.29-16.rhel3?arch=i386", }, }, }, { category: "product_version", name: "jabberd-0:2.0s10-3.38.rhn.i386", product: { name: "jabberd-0:2.0s10-3.38.rhn.i386", product_id: "jabberd-0:2.0s10-3.38.rhn.i386", product_identification_helper: { purl: "pkg:rpm/redhat/jabberd@2.0s10-3.38.rhn?arch=i386", }, }, }, { category: "product_version", name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product: { name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product_id: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-apache@1.3.27-36.rhn.rhel4?arch=i386", }, }, }, { category: "product_version", name: "rhn-modperl-0:1.29-16.rhel4.i386", product: { name: "rhn-modperl-0:1.29-16.rhel4.i386", product_id: "rhn-modperl-0:1.29-16.rhel4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-modperl@1.29-16.rhel4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jabberd-0:2.0s10-3.37.rhn.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", }, product_reference: "jabberd-0:2.0s10-3.37.rhn.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", }, product_reference: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-modperl-0:1.29-16.rhel3.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", }, product_reference: "rhn-modperl-0:1.29-16.rhel3.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "jabberd-0:2.0s10-3.38.rhn.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", }, product_reference: "jabberd-0:2.0s10-3.38.rhn.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", }, product_reference: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-modperl-0:1.29-16.rhel4.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", }, product_reference: "rhn-modperl-0:1.29-16.rhel4.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2004-0488", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430867", }, ], notes: [ { category: "description", text: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.", title: "Vulnerability description", }, { category: "summary", text: "mod_ssl ssl_util_uuencode_binary CA issue", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0488", }, { category: "external", summary: "RHBZ#430867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430867", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0488", url: "https://www.cve.org/CVERecord?id=CVE-2004-0488", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0488", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0488", }, ], release_date: "2004-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_ssl ssl_util_uuencode_binary CA issue", }, { cve: "CVE-2004-0700", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430866", }, ], notes: [ { category: "description", text: "Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.", title: "Vulnerability description", }, { category: "summary", text: "mod_proxy hook format string", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0700", }, { category: "external", summary: "RHBZ#430866", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430866", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0700", url: "https://www.cve.org/CVERecord?id=CVE-2004-0700", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0700", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0700", }, ], release_date: "2004-07-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "mod_proxy hook format string", }, { cve: "CVE-2004-0885", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430637", }, ], notes: [ { category: "description", text: "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.", title: "Vulnerability description", }, { category: "summary", text: "mod_ssl SSLCipherSuite bypass", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0885", }, { category: "external", summary: "RHBZ#430637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430637", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0885", url: "https://www.cve.org/CVERecord?id=CVE-2004-0885", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0885", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0885", }, ], release_date: "2004-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_ssl SSLCipherSuite bypass", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2006-1329", ids: [ { system_name: "Red Hat Bugzilla ID", text: "429254", }, ], notes: [ { category: "description", text: "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\".", title: "Vulnerability description", }, { category: "summary", text: "jabberd SASL DoS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-1329", }, { category: "external", summary: "RHBZ#429254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=429254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-1329", url: "https://www.cve.org/CVERecord?id=CVE-2006-1329", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-1329", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-1329", }, ], release_date: "2006-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jabberd SASL DoS", }, { cve: "CVE-2006-3918", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2006-07-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "200732", }, ], notes: [ { category: "description", text: "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Expect header XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-3918", }, { category: "external", summary: "RHBZ#200732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=200732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-3918", url: "https://www.cve.org/CVERecord?id=CVE-2006-3918", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", }, ], release_date: "2006-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Expect header XSS", }, { cve: "CVE-2006-5752", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-06-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "245112", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified.", title: "Vulnerability description", }, { category: "summary", text: "httpd mod_status XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-5752", }, { category: "external", summary: "RHBZ#245112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=245112", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-5752", url: "https://www.cve.org/CVERecord?id=CVE-2006-5752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", }, ], release_date: "2007-06-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd mod_status XSS", }, { cve: "CVE-2007-1349", discovery_date: "2007-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "240423", }, ], notes: [ { category: "description", text: "PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.", title: "Vulnerability description", }, { category: "summary", text: "mod_perl PerlRun denial of service", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-1349", }, { category: "external", summary: "RHBZ#240423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=240423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-1349", url: "https://www.cve.org/CVERecord?id=CVE-2007-1349", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", }, ], release_date: "2007-03-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_perl PerlRun denial of service", }, { cve: "CVE-2007-3304", discovery_date: "2007-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "245111", }, ], notes: [ { category: "description", text: "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\"", title: "Vulnerability description", }, { category: "summary", text: "httpd scoreboard lack of PID protection", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-3304", }, { category: "external", summary: "RHBZ#245111", url: "https://bugzilla.redhat.com/show_bug.cgi?id=245111", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-3304", url: "https://www.cve.org/CVERecord?id=CVE-2007-3304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", }, ], release_date: "2007-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd scoreboard lack of PID protection", }, { cve: "CVE-2007-4465", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-09-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "289511", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.", title: "Vulnerability description", }, { category: "summary", text: "mod_autoindex XSS", title: "Vulnerability summary", }, { category: "other", text: "This is actually a flaw in browsers that do not derive the response character set as required by RFC 2616. This does not affect the default configuration of Apache httpd in Red Hat products and will only affect customers who have removed the \"AddDefaultCharset\" directive and are using directory indexes. The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.", title: "Statement", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-4465", }, { category: "external", summary: "RHBZ#289511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=289511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-4465", url: "https://www.cve.org/CVERecord?id=CVE-2007-4465", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-4465", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-4465", }, ], release_date: "2007-09-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "mod_autoindex XSS", }, { cve: "CVE-2007-5000", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-12-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "419931", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "Vulnerability description", }, { category: "summary", text: "httpd: mod_imagemap XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-5000", }, { category: "external", summary: "RHBZ#419931", url: "https://bugzilla.redhat.com/show_bug.cgi?id=419931", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-5000", url: "https://www.cve.org/CVERecord?id=CVE-2007-5000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-5000", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-5000", }, ], release_date: "2007-12-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "httpd: mod_imagemap XSS", }, { cve: "CVE-2007-6388", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2008-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "427228", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "Vulnerability description", }, { category: "summary", text: "apache mod_status cross-site scripting", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-6388", }, { category: "external", summary: "RHBZ#427228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=427228", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-6388", url: "https://www.cve.org/CVERecord?id=CVE-2007-6388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-6388", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-6388", }, ], release_date: "2007-12-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache mod_status cross-site scripting", }, ], }
RHSA-2005:882
Vulnerability from csaf_redhat
Published
2005-12-19 17:29
Modified
2024-11-22 00:00
Summary
Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold that fix security issues in
mod_ssl, mod_imap, OpenSSL, and PHP are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
Stronghold 4 contains a number of open source technologies, including
mod_ssl and the Apache HTTP Server.
Several security issues have been found that affect cross-platform
Stronghold 4:
A flaw in mod_imap when using the Referer directive with image maps. With
certain site configurations, a remote attacker could perform a cross-site
scripting attack if a victim can be forced to visit a malicious URL using
certain web browsers. (CVE-2005-3352)
A flaw in mod_ssl triggered if a virtual host was configured using
"SSLVerifyClient optional" and a directive "SSLVerifyClient required" is
set for a specific location. For servers configured in this fashion, an
attacker may be able to access resources that should otherwise be
protected. (CVE-2005-2700)
Flaws in shmop_write, pack, and unpack PHP functions. These functions are
not normally passed user-supplied data, so would require a malicious PHP
script to be exploited. (CVE-2004-1018)
Various flaws, including possible information disclosure, double free, and
negative reference index array underflow in the deserialization code of
PHP. PHP applications may use the unserialize function of untrusted user
data, which could allow a remote attacker to gain access to memory or
potentially execute arbitrary code. (CVE-2004-1019)
A flaw in the way PHP registers global variables during a file upload
request. A remote attacker could submit a carefully crafted
multipart/form-data POST request that would overwrite the $GLOBALS array,
altering expected script behavior, and possibly leading to the execution of
arbitrary PHP commands. Note that this vulnerability only affects
installations which have register_globals enabled in the PHP configuration
file, which is not a default or recommended option. (CVE-2005-3390)
A flaw in the PHP parse_str() function. If a PHP script passes only one
argument to the parse_str() function, and the script can be forced to abort
execution during operation (for example due to the memory_limit setting),
the register_globals may be enabled even if it is disabled in the PHP
configuration file. This vulnerability only affects installations that have
PHP scripts using the parse_str function in this way. (CVE-2005-3389)
A Cross-Site Scripting flaw in the phpinfo() function. If a victim can be
tricked into following a malicious URL to a site with a page displaying the
phpinfo() output, it may be possible to inject javascript or HTML content
into the displayed page or steal data such as cookies. This vulnerability
only affects installations that allow users to view the output of the
phpinfo() function. As the phpinfo() function outputs a large amount of
information about the current state of PHP, it should only be used during
debugging or if protected by authentication. (CVE-2005-3388)
OpenSSL contained a software work-around for a bug in SSL handling in
Microsoft Internet Explorer version 3.0.2. This work-around is enabled in
most servers that use OpenSSL to provide support for SSL and TLS. Yutaka
Oiwa discovered that this work-around could allow an attacker, acting as a
"man in the middle", to force an SSL connection to use SSL 2.0 rather than
a stronger protocol such as SSL 3.0 or TLS 1.0. (CAN-2005-2969)
Colin Percival reported a cache timing attack that could allow a malicious
local user to gain portions of cryptographic keys. The OpenSSL library has
been patched to add a new fixed-window mod_exp implementation as default
for RSA, DSA, and DH private-key operations. This patch is designed to
mitigate cache timing and potentially related attacks. (CVE-2005-0109)
Stronghold users are advised to upgrade to these updated packages, which
resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of cross-platform Stronghold that fix security issues in\nmod_ssl, mod_imap, OpenSSL, and PHP are now available.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "Stronghold 4 contains a number of open source technologies, including\nmod_ssl and the Apache HTTP Server.\n\nSeveral security issues have been found that affect cross-platform\nStronghold 4: \n\nA flaw in mod_imap when using the Referer directive with image maps. With\ncertain site configurations, a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious URL using\ncertain web browsers. (CVE-2005-3352) \n\nA flaw in mod_ssl triggered if a virtual host was configured using\n\"SSLVerifyClient optional\" and a directive \"SSLVerifyClient required\" is\nset for a specific location. For servers configured in this fashion, an\nattacker may be able to access resources that should otherwise be\nprotected. (CVE-2005-2700) \n\nFlaws in shmop_write, pack, and unpack PHP functions. These functions are\nnot normally passed user-supplied data, so would require a malicious PHP\nscript to be exploited. (CVE-2004-1018) \n\nVarious flaws, including possible information disclosure, double free, and\nnegative reference index array underflow in the deserialization code of\nPHP. PHP applications may use the unserialize function of untrusted user\ndata, which could allow a remote attacker to gain access to memory or\npotentially execute arbitrary code. (CVE-2004-1019) \n\nA flaw in the way PHP registers global variables during a file upload\nrequest. A remote attacker could submit a carefully crafted\nmultipart/form-data POST request that would overwrite the $GLOBALS array,\naltering expected script behavior, and possibly leading to the execution of\narbitrary PHP commands. Note that this vulnerability only affects\ninstallations which have register_globals enabled in the PHP configuration\nfile, which is not a default or recommended option. (CVE-2005-3390)\n\nA flaw in the PHP parse_str() function. If a PHP script passes only one\nargument to the parse_str() function, and the script can be forced to abort\nexecution during operation (for example due to the memory_limit setting),\nthe register_globals may be enabled even if it is disabled in the PHP\nconfiguration file. This vulnerability only affects installations that have\nPHP scripts using the parse_str function in this way. (CVE-2005-3389)\n\nA Cross-Site Scripting flaw in the phpinfo() function. If a victim can be\ntricked into following a malicious URL to a site with a page displaying the\nphpinfo() output, it may be possible to inject javascript or HTML content\ninto the displayed page or steal data such as cookies. This vulnerability\nonly affects installations that allow users to view the output of the\nphpinfo() function. As the phpinfo() function outputs a large amount of\ninformation about the current state of PHP, it should only be used during\ndebugging or if protected by authentication. (CVE-2005-3388) \n\nOpenSSL contained a software work-around for a bug in SSL handling in\nMicrosoft Internet Explorer version 3.0.2. This work-around is enabled in\nmost servers that use OpenSSL to provide support for SSL and TLS. Yutaka\nOiwa discovered that this work-around could allow an attacker, acting as a\n\"man in the middle\", to force an SSL connection to use SSL 2.0 rather than\na stronger protocol such as SSL 3.0 or TLS 1.0. (CAN-2005-2969)\n\nColin Percival reported a cache timing attack that could allow a malicious\nlocal user to gain portions of cryptographic keys. The OpenSSL library has\nbeen patched to add a new fixed-window mod_exp implementation as default\nfor RSA, DSA, and DH private-key operations. This patch is designed to\nmitigate cache timing and potentially related attacks. (CVE-2005-0109)\n\nStronghold users are advised to upgrade to these updated packages, which\nresolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2005:882", url: "https://access.redhat.com/errata/RHSA-2005:882", }, { category: "external", summary: "http://stronghold.redhat.com/support/upgrade-sh4", url: "http://stronghold.redhat.com/support/upgrade-sh4", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_882.json", }, ], title: "Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold", tracking: { current_release_date: "2024-11-22T00:00:58+00:00", generator: { date: "2024-11-22T00:00:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2005:882", initial_release_date: "2005-12-19T17:29:00+00:00", revision_history: [ { date: "2005-12-19T17:29:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-11-20T15:43:12+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T00:00:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2004-1018", discovery_date: "2004-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617352", }, ], notes: [ { category: "description", text: "Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an \"integer overflow/underflow\" in the pack function, or (3) an \"integer overflow/underflow\" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-1018", }, { category: "external", summary: "RHBZ#1617352", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617352", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-1018", url: "https://www.cve.org/CVERecord?id=CVE-2004-1018", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-1018", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-1018", }, ], release_date: "2004-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2004-1019", discovery_date: "2004-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617353", }, ], notes: [ { category: "description", text: "The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger \"information disclosure, double-free and negative reference index array underflow\" results.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-1019", }, { category: "external", summary: "RHBZ#1617353", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617353", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-1019", url: "https://www.cve.org/CVERecord?id=CVE-2004-1019", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-1019", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-1019", }, ], release_date: "2004-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2005-0109", discovery_date: "2005-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617463", }, ], notes: [ { category: "description", text: "Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-0109", }, { category: "external", summary: "RHBZ#1617463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-0109", url: "https://www.cve.org/CVERecord?id=CVE-2005-0109", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-0109", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-0109", }, ], release_date: "2005-05-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2005-2700", discovery_date: "2005-08-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617741", }, ], notes: [ { category: "description", text: "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2700", }, { category: "external", summary: "RHBZ#1617741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617741", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2700", url: "https://www.cve.org/CVERecord?id=CVE-2005-2700", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2700", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2700", }, ], release_date: "2005-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2005-2969", discovery_date: "2005-10-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430660", }, ], notes: [ { category: "description", text: "The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.", title: "Vulnerability description", }, { category: "summary", text: "openssl mitm downgrade attack", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2969", }, { category: "external", summary: "RHBZ#430660", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430660", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2969", url: "https://www.cve.org/CVERecord?id=CVE-2005-2969", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2969", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2969", }, ], release_date: "2005-10-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl mitm downgrade attack", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2005-3388", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617821", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a \"stacked array assignment.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3388", }, { category: "external", summary: "RHBZ#1617821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617821", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3388", url: "https://www.cve.org/CVERecord?id=CVE-2005-3388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3388", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3388", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3389", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617822", }, ], notes: [ { category: "description", text: "The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3389", }, { category: "external", summary: "RHBZ#1617822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3389", url: "https://www.cve.org/CVERecord?id=CVE-2005-3389", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3389", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3389", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3390", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617823", }, ], notes: [ { category: "description", text: "The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a \"GLOBALS\" fileupload field.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3390", }, { category: "external", summary: "RHBZ#1617823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617823", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3390", url: "https://www.cve.org/CVERecord?id=CVE-2005-3390", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3390", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3390", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
rhsa-2006_0692
Vulnerability from csaf_redhat
Published
2006-09-29 15:47
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: apache security update for Stronghold
Notes
Topic
An updated version of Apache that addresses several security issues is now
available for Stronghold 4.0 for Enterprise Linux.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP server is a powerful, full-featured, efficient, and
freely-available Web server.
A bug was found in Apache where an invalid Expect header sent to the server
was returned to the user in an unescaped error message. This could
allow an attacker to perform a cross-site scripting attack if a victim was
tricked into connecting to a site and sending a carefully crafted Expect
header. (CVE-2006-3918)
While a web browser cannot be forced to send an arbitrary Expect header by
a third-party attacker, it was recently discovered that certain versions of
the Flash plugin can manipulate request headers. If users running such
versions can be persuaded to load a web page with a malicious Flash applet,
a cross-site scripting attack against the server may be possible.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. (CVE-2005-3352)
Users of Stronghold should upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An updated version of Apache that addresses several security issues is now\navailable for Stronghold 4.0 for Enterprise Linux.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.\n\nA bug was found in Apache where an invalid Expect header sent to the server\nwas returned to the user in an unescaped error message. This could\nallow an attacker to perform a cross-site scripting attack if a victim was\ntricked into connecting to a site and sending a carefully crafted Expect\nheader. (CVE-2006-3918)\n\nWhile a web browser cannot be forced to send an arbitrary Expect header by\na third-party attacker, it was recently discovered that certain versions of\nthe Flash plugin can manipulate request headers. If users running such\nversions can be persuaded to load a web page with a malicious Flash applet,\na cross-site scripting attack against the server may be possible.\n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. (CVE-2005-3352)\n\nUsers of Stronghold should upgrade to these updated packages, which \ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0692", url: "https://access.redhat.com/errata/RHSA-2006:0692", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "207922", url: "https://bugzilla.redhat.com/show_bug.cgi?id=207922", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0692.json", }, ], title: "Red Hat Security Advisory: apache security update for Stronghold", tracking: { current_release_date: "2024-11-14T10:04:47+00:00", generator: { date: "2024-11-14T10:04:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2006:0692", initial_release_date: "2006-09-29T15:47:00+00:00", revision_history: [ { date: "2006-09-29T15:47:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-09-29T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:04:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product: { name: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product_id: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_stronghold:4.0", }, }, }, ], category: "product_family", name: "Stronghold 4.0 for Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-09-29T15:47:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0692", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2006-3918", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2006-07-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "200732", }, ], notes: [ { category: "description", text: "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Expect header XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-3918", }, { category: "external", summary: "RHBZ#200732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=200732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-3918", url: "https://www.cve.org/CVERecord?id=CVE-2006-3918", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", }, ], release_date: "2006-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-09-29T15:47:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0692", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Expect header XSS", }, ], }
RHSA-2008:0523
Vulnerability from csaf_redhat
Published
2008-06-30 15:29
Modified
2025-01-26 19:35
Summary
Red Hat Security Advisory: Red Hat Network Proxy Server security update
Notes
Topic
Red Hat Network Proxy Server version 4.2.3 is now available. This update
includes fixes for a number of security issues in Red Hat Network Proxy
Server components.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
Details
The Red Hat Network Proxy Server 4.2.3 release corrects several security
vulnerabilities in several shipped components. In a typical operating
environment, these components are not exposed to users of Proxy Server in a
vulnerable manner. These security updates will reduce risk in unique Proxy
Server environments.
Multiple flaws were fixed in the Apache HTTPD server. These flaws could
result in a cross-site scripting or denial-of-service attack.
(CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752,
CVE-2006-3918, CVE-2005-3352)
A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)
Multiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885)
A denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)
Users of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3,
which resolves these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Network Proxy Server version 4.2.3 is now available. This update\nincludes fixes for a number of security issues in Red Hat Network Proxy\nServer components.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Red Hat Network Proxy Server 4.2.3 release corrects several security\nvulnerabilities in several shipped components. In a typical operating\nenvironment, these components are not exposed to users of Proxy Server in a\nvulnerable manner. These security updates will reduce risk in unique Proxy\nServer environments.\n\nMultiple flaws were fixed in the Apache HTTPD server. These flaws could\nresult in a cross-site scripting or denial-of-service attack.\n(CVE-2007-6388, CVE-2007-5000, CVE-2007-4465, CVE-2007-3304, CVE-2006-5752,\nCVE-2006-3918, CVE-2005-3352)\n\nA denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)\n\nMultiple flaws in mod_ssl. (CVE-2004-0488, CVE-2004-0700, CVE-2004-0885)\n\nA denial-of-service flaw was fixed in the jabberd server. (CVE-2006-1329)\n\nUsers of Red Hat Network Proxy Server 4.2 are advised to upgrade to 4.2.3,\nwhich resolves these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2008:0523", url: "https://access.redhat.com/errata/RHSA-2008:0523", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "449336", url: "https://bugzilla.redhat.com/show_bug.cgi?id=449336", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0523.json", }, ], title: "Red Hat Security Advisory: Red Hat Network Proxy Server security update", tracking: { current_release_date: "2025-01-26T19:35:55+00:00", generator: { date: "2025-01-26T19:35:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.6", }, }, id: "RHSA-2008:0523", initial_release_date: "2008-06-30T15:29:00+00:00", revision_history: [ { date: "2008-06-30T15:29:00+00:00", number: "1", summary: "Initial version", }, { date: "2008-06-30T11:32:56+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-26T19:35:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product: { name: "Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2", product_identification_helper: { cpe: "cpe:/a:redhat:network_proxy:4.2::el3", }, }, }, { category: "product_name", name: "Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product: { name: "Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2", product_identification_helper: { cpe: "cpe:/a:redhat:network_proxy:4.2::el4", }, }, }, ], category: "product_family", name: "Red Hat Satellite Proxy", }, { branches: [ { category: "product_version", name: "jabberd-0:2.0s10-3.37.rhn.i386", product: { name: "jabberd-0:2.0s10-3.37.rhn.i386", product_id: "jabberd-0:2.0s10-3.37.rhn.i386", product_identification_helper: { purl: "pkg:rpm/redhat/jabberd@2.0s10-3.37.rhn?arch=i386", }, }, }, { category: "product_version", name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product: { name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product_id: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-apache@1.3.27-36.rhn.rhel3?arch=i386", }, }, }, { category: "product_version", name: "rhn-modperl-0:1.29-16.rhel3.i386", product: { name: "rhn-modperl-0:1.29-16.rhel3.i386", product_id: "rhn-modperl-0:1.29-16.rhel3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-modperl@1.29-16.rhel3?arch=i386", }, }, }, { category: "product_version", name: "jabberd-0:2.0s10-3.38.rhn.i386", product: { name: "jabberd-0:2.0s10-3.38.rhn.i386", product_id: "jabberd-0:2.0s10-3.38.rhn.i386", product_identification_helper: { purl: "pkg:rpm/redhat/jabberd@2.0s10-3.38.rhn?arch=i386", }, }, }, { category: "product_version", name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product: { name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product_id: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-apache@1.3.27-36.rhn.rhel4?arch=i386", }, }, }, { category: "product_version", name: "rhn-modperl-0:1.29-16.rhel4.i386", product: { name: "rhn-modperl-0:1.29-16.rhel4.i386", product_id: "rhn-modperl-0:1.29-16.rhel4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/rhn-modperl@1.29-16.rhel4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "jabberd-0:2.0s10-3.37.rhn.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", }, product_reference: "jabberd-0:2.0s10-3.37.rhn.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", }, product_reference: "rhn-apache-0:1.3.27-36.rhn.rhel3.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-modperl-0:1.29-16.rhel3.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.3 AS)", product_id: "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", }, product_reference: "rhn-modperl-0:1.29-16.rhel3.i386", relates_to_product_reference: "3AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "jabberd-0:2.0s10-3.38.rhn.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", }, product_reference: "jabberd-0:2.0s10-3.38.rhn.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", }, product_reference: "rhn-apache-0:1.3.27-36.rhn.rhel4.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, { category: "default_component_of", full_product_name: { name: "rhn-modperl-0:1.29-16.rhel4.i386 as a component of Red Hat Satellite Proxy v 4.2 (RHEL v.4 AS)", product_id: "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", }, product_reference: "rhn-modperl-0:1.29-16.rhel4.i386", relates_to_product_reference: "4AS-RHNPROXY4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2004-0488", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430867", }, ], notes: [ { category: "description", text: "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.", title: "Vulnerability description", }, { category: "summary", text: "mod_ssl ssl_util_uuencode_binary CA issue", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0488", }, { category: "external", summary: "RHBZ#430867", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430867", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0488", url: "https://www.cve.org/CVERecord?id=CVE-2004-0488", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0488", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0488", }, ], release_date: "2004-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_ssl ssl_util_uuencode_binary CA issue", }, { cve: "CVE-2004-0700", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430866", }, ], notes: [ { category: "description", text: "Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.", title: "Vulnerability description", }, { category: "summary", text: "mod_proxy hook format string", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0700", }, { category: "external", summary: "RHBZ#430866", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430866", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0700", url: "https://www.cve.org/CVERecord?id=CVE-2004-0700", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0700", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0700", }, ], release_date: "2004-07-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "mod_proxy hook format string", }, { cve: "CVE-2004-0885", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430637", }, ], notes: [ { category: "description", text: "The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the \"SSLCipherSuite\" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.", title: "Vulnerability description", }, { category: "summary", text: "mod_ssl SSLCipherSuite bypass", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-0885", }, { category: "external", summary: "RHBZ#430637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430637", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-0885", url: "https://www.cve.org/CVERecord?id=CVE-2004-0885", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-0885", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-0885", }, ], release_date: "2004-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_ssl SSLCipherSuite bypass", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2006-1329", ids: [ { system_name: "Red Hat Bugzilla ID", text: "429254", }, ], notes: [ { category: "description", text: "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\".", title: "Vulnerability description", }, { category: "summary", text: "jabberd SASL DoS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-1329", }, { category: "external", summary: "RHBZ#429254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=429254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-1329", url: "https://www.cve.org/CVERecord?id=CVE-2006-1329", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-1329", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-1329", }, ], release_date: "2006-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jabberd SASL DoS", }, { cve: "CVE-2006-3918", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2006-07-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "200732", }, ], notes: [ { category: "description", text: "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Expect header XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-3918", }, { category: "external", summary: "RHBZ#200732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=200732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-3918", url: "https://www.cve.org/CVERecord?id=CVE-2006-3918", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", }, ], release_date: "2006-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Expect header XSS", }, { cve: "CVE-2006-5752", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-06-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "245112", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified.", title: "Vulnerability description", }, { category: "summary", text: "httpd mod_status XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-5752", }, { category: "external", summary: "RHBZ#245112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=245112", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-5752", url: "https://www.cve.org/CVERecord?id=CVE-2006-5752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", }, ], release_date: "2007-06-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd mod_status XSS", }, { cve: "CVE-2007-1349", discovery_date: "2007-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "240423", }, ], notes: [ { category: "description", text: "PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.", title: "Vulnerability description", }, { category: "summary", text: "mod_perl PerlRun denial of service", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-1349", }, { category: "external", summary: "RHBZ#240423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=240423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-1349", url: "https://www.cve.org/CVERecord?id=CVE-2007-1349", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", }, ], release_date: "2007-03-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mod_perl PerlRun denial of service", }, { cve: "CVE-2007-3304", discovery_date: "2007-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "245111", }, ], notes: [ { category: "description", text: "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\"", title: "Vulnerability description", }, { category: "summary", text: "httpd scoreboard lack of PID protection", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-3304", }, { category: "external", summary: "RHBZ#245111", url: "https://bugzilla.redhat.com/show_bug.cgi?id=245111", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-3304", url: "https://www.cve.org/CVERecord?id=CVE-2007-3304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", }, ], release_date: "2007-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd scoreboard lack of PID protection", }, { cve: "CVE-2007-4465", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-09-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "289511", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.", title: "Vulnerability description", }, { category: "summary", text: "mod_autoindex XSS", title: "Vulnerability summary", }, { category: "other", text: "This is actually a flaw in browsers that do not derive the response character set as required by RFC 2616. This does not affect the default configuration of Apache httpd in Red Hat products and will only affect customers who have removed the \"AddDefaultCharset\" directive and are using directory indexes. The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.", title: "Statement", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-4465", }, { category: "external", summary: "RHBZ#289511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=289511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-4465", url: "https://www.cve.org/CVERecord?id=CVE-2007-4465", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-4465", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-4465", }, ], release_date: "2007-09-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "mod_autoindex XSS", }, { cve: "CVE-2007-5000", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-12-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "419931", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "Vulnerability description", }, { category: "summary", text: "httpd: mod_imagemap XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-5000", }, { category: "external", summary: "RHBZ#419931", url: "https://bugzilla.redhat.com/show_bug.cgi?id=419931", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-5000", url: "https://www.cve.org/CVERecord?id=CVE-2007-5000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-5000", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-5000", }, ], release_date: "2007-12-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "httpd: mod_imagemap XSS", }, { cve: "CVE-2007-6388", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2008-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "427228", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "Vulnerability description", }, { category: "summary", text: "apache mod_status cross-site scripting", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-6388", }, { category: "external", summary: "RHBZ#427228", url: "https://bugzilla.redhat.com/show_bug.cgi?id=427228", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-6388", url: "https://www.cve.org/CVERecord?id=CVE-2007-6388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-6388", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-6388", }, ], release_date: "2007-12-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-06-30T15:29:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", product_ids: [ "3AS-RHNPROXY4.2:jabberd-0:2.0s10-3.37.rhn.i386", "3AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel3.i386", "3AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel3.i386", "4AS-RHNPROXY4.2:jabberd-0:2.0s10-3.38.rhn.i386", "4AS-RHNPROXY4.2:rhn-apache-0:1.3.27-36.rhn.rhel4.i386", "4AS-RHNPROXY4.2:rhn-modperl-0:1.29-16.rhel4.i386", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0523", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "apache mod_status cross-site scripting", }, ], }
RHSA-2006:0692
Vulnerability from csaf_redhat
Published
2006-09-29 15:47
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: apache security update for Stronghold
Notes
Topic
An updated version of Apache that addresses several security issues is now
available for Stronghold 4.0 for Enterprise Linux.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP server is a powerful, full-featured, efficient, and
freely-available Web server.
A bug was found in Apache where an invalid Expect header sent to the server
was returned to the user in an unescaped error message. This could
allow an attacker to perform a cross-site scripting attack if a victim was
tricked into connecting to a site and sending a carefully crafted Expect
header. (CVE-2006-3918)
While a web browser cannot be forced to send an arbitrary Expect header by
a third-party attacker, it was recently discovered that certain versions of
the Flash plugin can manipulate request headers. If users running such
versions can be persuaded to load a web page with a malicious Flash applet,
a cross-site scripting attack against the server may be possible.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. (CVE-2005-3352)
Users of Stronghold should upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An updated version of Apache that addresses several security issues is now\navailable for Stronghold 4.0 for Enterprise Linux.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.\n\nA bug was found in Apache where an invalid Expect header sent to the server\nwas returned to the user in an unescaped error message. This could\nallow an attacker to perform a cross-site scripting attack if a victim was\ntricked into connecting to a site and sending a carefully crafted Expect\nheader. (CVE-2006-3918)\n\nWhile a web browser cannot be forced to send an arbitrary Expect header by\na third-party attacker, it was recently discovered that certain versions of\nthe Flash plugin can manipulate request headers. If users running such\nversions can be persuaded to load a web page with a malicious Flash applet,\na cross-site scripting attack against the server may be possible.\n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. (CVE-2005-3352)\n\nUsers of Stronghold should upgrade to these updated packages, which \ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0692", url: "https://access.redhat.com/errata/RHSA-2006:0692", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "207922", url: "https://bugzilla.redhat.com/show_bug.cgi?id=207922", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0692.json", }, ], title: "Red Hat Security Advisory: apache security update for Stronghold", tracking: { current_release_date: "2024-11-14T10:04:47+00:00", generator: { date: "2024-11-14T10:04:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2006:0692", initial_release_date: "2006-09-29T15:47:00+00:00", revision_history: [ { date: "2006-09-29T15:47:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-09-29T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:04:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product: { name: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product_id: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_stronghold:4.0", }, }, }, ], category: "product_family", name: "Stronghold 4.0 for Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-09-29T15:47:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0692", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2006-3918", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2006-07-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "200732", }, ], notes: [ { category: "description", text: "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Expect header XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-3918", }, { category: "external", summary: "RHBZ#200732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=200732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-3918", url: "https://www.cve.org/CVERecord?id=CVE-2006-3918", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", }, ], release_date: "2006-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-09-29T15:47:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0692", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Expect header XSS", }, ], }
rhsa-2006:0158
Vulnerability from csaf_redhat
Published
2006-01-17 08:23
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: apache security update
Notes
Topic
Updated Apache httpd packages that correct a security issue are now
available for Red Hat Enterprise Linux 2.1.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP Server is a popular and freely-available Web server.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-3352 to this issue.
Users of apache should upgrade to these updated packages, which contain
a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Apache httpd packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP Server is a popular and freely-available Web server. \n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. The Common Vulnerabilities and\nExposures project assigned the name CVE-2005-3352 to this issue.\n\nUsers of apache should upgrade to these updated packages, which contain\na backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0158", url: "https://access.redhat.com/errata/RHSA-2006:0158", }, { category: "external", summary: "175714", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175714", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0158.json", }, ], title: "Red Hat Security Advisory: apache security update", tracking: { current_release_date: "2024-11-14T10:04:06+00:00", generator: { date: "2024-11-14T10:04:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2006:0158", initial_release_date: "2006-01-17T08:23:00+00:00", revision_history: [ { date: "2006-01-17T08:23:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-01-17T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:04:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-17T08:23:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0158", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, ], }
rhsa-2006:0159
Vulnerability from csaf_redhat
Published
2006-01-05 15:59
Modified
2024-11-22 00:08
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated Apache httpd packages that correct three security issues are now
available for Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP Server is a popular and freely-available Web server.
A memory leak in the worker MPM could allow remote attackers to cause a
denial of service (memory consumption) via aborted connections, which
prevents the memory for the transaction pool from being reused for other
connections. The Common Vulnerabilities and Exposures project assigned the
name CVE-2005-2970 to this issue. This vulnerability only affects users
who are using the non-default worker MPM.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. (CVE-2005-3352)
A NULL pointer dereference flaw in mod_ssl was discovered affecting server
configurations where an SSL virtual host is configured with access control
and a custom 400 error document. A remote attacker could send a carefully
crafted request to trigger this issue which would lead to a crash. This
crash would only be a denial of service if using the non-default worker
MPM. (CVE-2005-3357)
Users of httpd should update to these erratum packages which contain
backported patches to correct these issues along with some additional bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Apache httpd packages that correct three security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause a\ndenial of service (memory consumption) via aborted connections, which\nprevents the memory for the transaction pool from being reused for other\nconnections. The Common Vulnerabilities and Exposures project assigned the\nname CVE-2005-2970 to this issue. This vulnerability only affects users\nwho are using the non-default worker MPM.\n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\nconfigurations where an SSL virtual host is configured with access control\nand a custom 400 error document. A remote attacker could send a carefully\ncrafted request to trigger this issue which would lead to a crash. This\ncrash would only be a denial of service if using the non-default worker\nMPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional bugs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0159", url: "https://access.redhat.com/errata/RHSA-2006:0159", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "170383", url: "https://bugzilla.redhat.com/show_bug.cgi?id=170383", }, { category: "external", summary: "171756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=171756", }, { category: "external", summary: "175602", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175602", }, { category: "external", summary: "175720", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175720", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0159.json", }, ], title: "Red Hat Security Advisory: httpd security update", tracking: { current_release_date: "2024-11-22T00:08:07+00:00", generator: { date: "2024-11-22T00:08:07+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2006:0159", initial_release_date: "2006-01-05T15:59:00+00:00", revision_history: [ { date: "2006-01-05T15:59:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-01-05T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T00:08:07+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 3", product: { name: "Red Hat Enterprise Linux AS version 3", product_id: "3AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::as", }, }, }, { category: "product_name", name: "Red Hat Desktop version 3", product: { name: "Red Hat Desktop version 3", product_id: "3Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 3", product: { name: "Red Hat Enterprise Linux ES version 3", product_id: "3ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 3", product: { name: "Red Hat Enterprise Linux WS version 3", product_id: "3WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:3::ws", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS version 4", product: { name: "Red Hat Enterprise Linux AS version 4", product_id: "4AS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop version 4", product: { name: "Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::desktop", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4", product: { name: "Red Hat Enterprise Linux ES version 4", product_id: "4ES", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4", product: { name: "Red Hat Enterprise Linux WS version 4", product_id: "4WS", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:4::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product_id: "httpd-debuginfo-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.ia64", product: { name: "httpd-0:2.0.46-56.ent.ia64", product_id: "httpd-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.ia64", product: { name: "httpd-devel-0:2.0.46-56.ent.ia64", product_id: "httpd-devel-0:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=ia64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.ia64", product: { name: "mod_ssl-1:2.0.46-56.ent.ia64", product_id: "mod_ssl-1:2.0.46-56.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=ia64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.ia64", product: { name: "mod_ssl-1:2.0.52-22.ent.ia64", product_id: "mod_ssl-1:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=ia64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product_id: "httpd-debuginfo-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.ia64", product: { name: "httpd-devel-0:2.0.52-22.ent.ia64", product_id: "httpd-devel-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.ia64", product: { name: "httpd-0:2.0.52-22.ent.ia64", product_id: "httpd-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.ia64", product: { name: "httpd-manual-0:2.0.52-22.ent.ia64", product_id: "httpd-manual-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=ia64", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.ia64", product: { name: "httpd-suexec-0:2.0.52-22.ent.ia64", product_id: "httpd-suexec-0:2.0.52-22.ent.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product_id: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.x86_64", product: { name: "httpd-0:2.0.46-56.ent.x86_64", product_id: "httpd-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.x86_64", product: { name: "httpd-devel-0:2.0.46-56.ent.x86_64", product_id: "httpd-devel-0:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.x86_64", product: { name: "mod_ssl-1:2.0.46-56.ent.x86_64", product_id: "mod_ssl-1:2.0.46-56.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.x86_64", product: { name: "mod_ssl-1:2.0.52-22.ent.x86_64", product_id: "mod_ssl-1:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product_id: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.x86_64", product: { name: "httpd-devel-0:2.0.52-22.ent.x86_64", product_id: "httpd-devel-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.x86_64", product: { name: "httpd-0:2.0.52-22.ent.x86_64", product_id: "httpd-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.x86_64", product: { name: "httpd-manual-0:2.0.52-22.ent.x86_64", product_id: "httpd-manual-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.x86_64", product: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64", product_id: "httpd-suexec-0:2.0.52-22.ent.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.i386", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386", product_id: "httpd-debuginfo-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.i386", product: { name: "httpd-0:2.0.46-56.ent.i386", product_id: "httpd-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.i386", product: { name: "httpd-devel-0:2.0.46-56.ent.i386", product_id: "httpd-devel-0:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.i386", product: { name: "mod_ssl-1:2.0.46-56.ent.i386", product_id: "mod_ssl-1:2.0.46-56.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.i386", product: { name: "mod_ssl-1:2.0.52-22.ent.i386", product_id: "mod_ssl-1:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.i386", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386", product_id: "httpd-debuginfo-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.i386", product: { name: "httpd-devel-0:2.0.52-22.ent.i386", product_id: "httpd-devel-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.i386", product: { name: "httpd-0:2.0.52-22.ent.i386", product_id: "httpd-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.i386", product: { name: "httpd-manual-0:2.0.52-22.ent.i386", product_id: "httpd-manual-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=i386", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.i386", product: { name: "httpd-suexec-0:2.0.52-22.ent.i386", product_id: "httpd-suexec-0:2.0.52-22.ent.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "httpd-0:2.0.46-56.ent.src", product: { name: "httpd-0:2.0.46-56.ent.src", product_id: "httpd-0:2.0.46-56.ent.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=src", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.src", product: { name: "httpd-0:2.0.52-22.ent.src", product_id: "httpd-0:2.0.52-22.ent.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product_id: "httpd-debuginfo-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.ppc", product: { name: "httpd-0:2.0.46-56.ent.ppc", product_id: "httpd-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.ppc", product: { name: "httpd-devel-0:2.0.46-56.ent.ppc", product_id: "httpd-devel-0:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=ppc", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.ppc", product: { name: "mod_ssl-1:2.0.46-56.ent.ppc", product_id: "mod_ssl-1:2.0.46-56.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=ppc&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.ppc", product: { name: "mod_ssl-1:2.0.52-22.ent.ppc", product_id: "mod_ssl-1:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=ppc&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product_id: "httpd-debuginfo-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.ppc", product: { name: "httpd-devel-0:2.0.52-22.ent.ppc", product_id: "httpd-devel-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.ppc", product: { name: "httpd-0:2.0.52-22.ent.ppc", product_id: "httpd-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.ppc", product: { name: "httpd-manual-0:2.0.52-22.ent.ppc", product_id: "httpd-manual-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=ppc", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.ppc", product: { name: "httpd-suexec-0:2.0.52-22.ent.ppc", product_id: "httpd-suexec-0:2.0.52-22.ent.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product_id: "httpd-debuginfo-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.s390x", product: { name: "httpd-0:2.0.46-56.ent.s390x", product_id: "httpd-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.s390x", product: { name: "httpd-devel-0:2.0.46-56.ent.s390x", product_id: "httpd-devel-0:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=s390x", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.s390x", product: { name: "mod_ssl-1:2.0.46-56.ent.s390x", product_id: "mod_ssl-1:2.0.46-56.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.s390x", product: { name: "mod_ssl-1:2.0.52-22.ent.s390x", product_id: "mod_ssl-1:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product_id: "httpd-debuginfo-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.s390x", product: { name: "httpd-devel-0:2.0.52-22.ent.s390x", product_id: "httpd-devel-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.s390x", product: { name: "httpd-0:2.0.52-22.ent.s390x", product_id: "httpd-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.s390x", product: { name: "httpd-manual-0:2.0.52-22.ent.s390x", product_id: "httpd-manual-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=s390x", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.s390x", product: { name: "httpd-suexec-0:2.0.52-22.ent.s390x", product_id: "httpd-suexec-0:2.0.52-22.ent.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "httpd-debuginfo-0:2.0.46-56.ent.s390", product: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390", product_id: "httpd-debuginfo-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-0:2.0.46-56.ent.s390", product: { name: "httpd-0:2.0.46-56.ent.s390", product_id: "httpd-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.46-56.ent.s390", product: { name: "httpd-devel-0:2.0.46-56.ent.s390", product_id: "httpd-devel-0:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.46-56.ent?arch=s390", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.46-56.ent.s390", product: { name: "mod_ssl-1:2.0.46-56.ent.s390", product_id: "mod_ssl-1:2.0.46-56.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.46-56.ent?arch=s390&epoch=1", }, }, }, { category: "product_version", name: "mod_ssl-1:2.0.52-22.ent.s390", product: { name: "mod_ssl-1:2.0.52-22.ent.s390", product_id: "mod_ssl-1:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.0.52-22.ent?arch=s390&epoch=1", }, }, }, { category: "product_version", name: "httpd-debuginfo-0:2.0.52-22.ent.s390", product: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390", product_id: "httpd-debuginfo-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-debuginfo@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-devel-0:2.0.52-22.ent.s390", product: { name: "httpd-devel-0:2.0.52-22.ent.s390", product_id: "httpd-devel-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-0:2.0.52-22.ent.s390", product: { name: "httpd-0:2.0.52-22.ent.s390", product_id: "httpd-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-manual-0:2.0.52-22.ent.s390", product: { name: "httpd-manual-0:2.0.52-22.ent.s390", product_id: "httpd-manual-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.0.52-22.ent?arch=s390", }, }, }, { category: "product_version", name: "httpd-suexec-0:2.0.52-22.ent.s390", product: { name: "httpd-suexec-0:2.0.52-22.ent.s390", product_id: "httpd-suexec-0:2.0.52-22.ent.s390", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-suexec@2.0.52-22.ent?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 3", product_id: "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Desktop version 3", product_id: "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 3", product_id: "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.i386", }, product_reference: "httpd-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.s390", }, product_reference: "httpd-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.src as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.src", }, product_reference: "httpd-0:2.0.46-56.ent.src", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.i386", }, product_reference: "httpd-devel-0:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.ia64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.ppc", }, product_reference: "httpd-devel-0:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.s390", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.s390x", }, product_reference: "httpd-devel-0:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.i386 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.i386", }, product_reference: "mod_ssl-1:2.0.46-56.ent.i386", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ia64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.ia64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ia64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.ppc as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.ppc", }, product_reference: "mod_ssl-1:2.0.46-56.ent.ppc", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.s390", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.s390x as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.s390x", }, product_reference: "mod_ssl-1:2.0.46-56.ent.s390x", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.46-56.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 3", product_id: "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.46-56.ent.x86_64", relates_to_product_reference: "3WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4", product_id: "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4AS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", product_id: "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4Desktop", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4", product_id: "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4ES", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.i386", }, product_reference: "httpd-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.s390", }, product_reference: "httpd-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.src as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.src", }, product_reference: "httpd-0:2.0.52-22.ent.src", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-debuginfo-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-debuginfo-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.i386", }, product_reference: "httpd-devel-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-devel-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.s390", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-devel-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-devel-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.i386", }, product_reference: "httpd-manual-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-manual-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.s390", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-manual-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-manual-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.i386", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.s390", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "httpd-suexec-0:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", }, product_reference: "httpd-suexec-0:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.i386 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.i386", }, product_reference: "mod_ssl-1:2.0.52-22.ent.i386", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.ia64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ia64", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.ppc as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.ppc", }, product_reference: "mod_ssl-1:2.0.52-22.ent.ppc", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.s390", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.s390x as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.s390x", }, product_reference: "mod_ssl-1:2.0.52-22.ent.s390x", relates_to_product_reference: "4WS", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.0.52-22.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4", product_id: "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", }, product_reference: "mod_ssl-1:2.0.52-22.ent.x86_64", relates_to_product_reference: "4WS", }, ], }, vulnerabilities: [ { cve: "CVE-2005-2970", discovery_date: "2005-10-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617769", }, ], notes: [ { category: "description", text: "Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2970", }, { category: "external", summary: "RHBZ#1617769", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617769", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2970", url: "https://www.cve.org/CVERecord?id=CVE-2005-2970", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2970", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2970", }, ], release_date: "2005-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2005-3357", discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617818", }, ], notes: [ { category: "description", text: "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3357", }, { category: "external", summary: "RHBZ#1617818", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617818", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3357", url: "https://www.cve.org/CVERecord?id=CVE-2005-3357", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3357", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3357", }, ], release_date: "2005-12-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-05T15:59:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "3AS:httpd-0:2.0.46-56.ent.i386", "3AS:httpd-0:2.0.46-56.ent.ia64", "3AS:httpd-0:2.0.46-56.ent.ppc", "3AS:httpd-0:2.0.46-56.ent.s390", "3AS:httpd-0:2.0.46-56.ent.s390x", "3AS:httpd-0:2.0.46-56.ent.src", "3AS:httpd-0:2.0.46-56.ent.x86_64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3AS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3AS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3AS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3AS:httpd-devel-0:2.0.46-56.ent.i386", "3AS:httpd-devel-0:2.0.46-56.ent.ia64", "3AS:httpd-devel-0:2.0.46-56.ent.ppc", "3AS:httpd-devel-0:2.0.46-56.ent.s390", "3AS:httpd-devel-0:2.0.46-56.ent.s390x", "3AS:httpd-devel-0:2.0.46-56.ent.x86_64", "3AS:mod_ssl-1:2.0.46-56.ent.i386", "3AS:mod_ssl-1:2.0.46-56.ent.ia64", "3AS:mod_ssl-1:2.0.46-56.ent.ppc", "3AS:mod_ssl-1:2.0.46-56.ent.s390", "3AS:mod_ssl-1:2.0.46-56.ent.s390x", "3AS:mod_ssl-1:2.0.46-56.ent.x86_64", "3Desktop:httpd-0:2.0.46-56.ent.i386", "3Desktop:httpd-0:2.0.46-56.ent.ia64", "3Desktop:httpd-0:2.0.46-56.ent.ppc", "3Desktop:httpd-0:2.0.46-56.ent.s390", "3Desktop:httpd-0:2.0.46-56.ent.s390x", "3Desktop:httpd-0:2.0.46-56.ent.src", "3Desktop:httpd-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.i386", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3Desktop:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3Desktop:httpd-devel-0:2.0.46-56.ent.i386", "3Desktop:httpd-devel-0:2.0.46-56.ent.ia64", "3Desktop:httpd-devel-0:2.0.46-56.ent.ppc", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390", "3Desktop:httpd-devel-0:2.0.46-56.ent.s390x", "3Desktop:httpd-devel-0:2.0.46-56.ent.x86_64", "3Desktop:mod_ssl-1:2.0.46-56.ent.i386", "3Desktop:mod_ssl-1:2.0.46-56.ent.ia64", "3Desktop:mod_ssl-1:2.0.46-56.ent.ppc", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390", "3Desktop:mod_ssl-1:2.0.46-56.ent.s390x", "3Desktop:mod_ssl-1:2.0.46-56.ent.x86_64", "3ES:httpd-0:2.0.46-56.ent.i386", "3ES:httpd-0:2.0.46-56.ent.ia64", "3ES:httpd-0:2.0.46-56.ent.ppc", "3ES:httpd-0:2.0.46-56.ent.s390", "3ES:httpd-0:2.0.46-56.ent.s390x", "3ES:httpd-0:2.0.46-56.ent.src", "3ES:httpd-0:2.0.46-56.ent.x86_64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.i386", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3ES:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390", "3ES:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3ES:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3ES:httpd-devel-0:2.0.46-56.ent.i386", "3ES:httpd-devel-0:2.0.46-56.ent.ia64", "3ES:httpd-devel-0:2.0.46-56.ent.ppc", "3ES:httpd-devel-0:2.0.46-56.ent.s390", "3ES:httpd-devel-0:2.0.46-56.ent.s390x", "3ES:httpd-devel-0:2.0.46-56.ent.x86_64", "3ES:mod_ssl-1:2.0.46-56.ent.i386", "3ES:mod_ssl-1:2.0.46-56.ent.ia64", "3ES:mod_ssl-1:2.0.46-56.ent.ppc", "3ES:mod_ssl-1:2.0.46-56.ent.s390", "3ES:mod_ssl-1:2.0.46-56.ent.s390x", "3ES:mod_ssl-1:2.0.46-56.ent.x86_64", "3WS:httpd-0:2.0.46-56.ent.i386", "3WS:httpd-0:2.0.46-56.ent.ia64", "3WS:httpd-0:2.0.46-56.ent.ppc", "3WS:httpd-0:2.0.46-56.ent.s390", "3WS:httpd-0:2.0.46-56.ent.s390x", "3WS:httpd-0:2.0.46-56.ent.src", "3WS:httpd-0:2.0.46-56.ent.x86_64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.i386", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ia64", "3WS:httpd-debuginfo-0:2.0.46-56.ent.ppc", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390", "3WS:httpd-debuginfo-0:2.0.46-56.ent.s390x", "3WS:httpd-debuginfo-0:2.0.46-56.ent.x86_64", "3WS:httpd-devel-0:2.0.46-56.ent.i386", "3WS:httpd-devel-0:2.0.46-56.ent.ia64", "3WS:httpd-devel-0:2.0.46-56.ent.ppc", "3WS:httpd-devel-0:2.0.46-56.ent.s390", "3WS:httpd-devel-0:2.0.46-56.ent.s390x", "3WS:httpd-devel-0:2.0.46-56.ent.x86_64", "3WS:mod_ssl-1:2.0.46-56.ent.i386", "3WS:mod_ssl-1:2.0.46-56.ent.ia64", "3WS:mod_ssl-1:2.0.46-56.ent.ppc", "3WS:mod_ssl-1:2.0.46-56.ent.s390", "3WS:mod_ssl-1:2.0.46-56.ent.s390x", "3WS:mod_ssl-1:2.0.46-56.ent.x86_64", "4AS:httpd-0:2.0.52-22.ent.i386", "4AS:httpd-0:2.0.52-22.ent.ia64", "4AS:httpd-0:2.0.52-22.ent.ppc", "4AS:httpd-0:2.0.52-22.ent.s390", "4AS:httpd-0:2.0.52-22.ent.s390x", "4AS:httpd-0:2.0.52-22.ent.src", "4AS:httpd-0:2.0.52-22.ent.x86_64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4AS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4AS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4AS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4AS:httpd-devel-0:2.0.52-22.ent.i386", "4AS:httpd-devel-0:2.0.52-22.ent.ia64", "4AS:httpd-devel-0:2.0.52-22.ent.ppc", "4AS:httpd-devel-0:2.0.52-22.ent.s390", "4AS:httpd-devel-0:2.0.52-22.ent.s390x", "4AS:httpd-devel-0:2.0.52-22.ent.x86_64", "4AS:httpd-manual-0:2.0.52-22.ent.i386", "4AS:httpd-manual-0:2.0.52-22.ent.ia64", "4AS:httpd-manual-0:2.0.52-22.ent.ppc", "4AS:httpd-manual-0:2.0.52-22.ent.s390", "4AS:httpd-manual-0:2.0.52-22.ent.s390x", "4AS:httpd-manual-0:2.0.52-22.ent.x86_64", "4AS:httpd-suexec-0:2.0.52-22.ent.i386", "4AS:httpd-suexec-0:2.0.52-22.ent.ia64", "4AS:httpd-suexec-0:2.0.52-22.ent.ppc", "4AS:httpd-suexec-0:2.0.52-22.ent.s390", "4AS:httpd-suexec-0:2.0.52-22.ent.s390x", "4AS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4AS:mod_ssl-1:2.0.52-22.ent.i386", "4AS:mod_ssl-1:2.0.52-22.ent.ia64", "4AS:mod_ssl-1:2.0.52-22.ent.ppc", "4AS:mod_ssl-1:2.0.52-22.ent.s390", "4AS:mod_ssl-1:2.0.52-22.ent.s390x", "4AS:mod_ssl-1:2.0.52-22.ent.x86_64", "4Desktop:httpd-0:2.0.52-22.ent.i386", "4Desktop:httpd-0:2.0.52-22.ent.ia64", "4Desktop:httpd-0:2.0.52-22.ent.ppc", "4Desktop:httpd-0:2.0.52-22.ent.s390", "4Desktop:httpd-0:2.0.52-22.ent.s390x", "4Desktop:httpd-0:2.0.52-22.ent.src", "4Desktop:httpd-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.i386", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4Desktop:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-devel-0:2.0.52-22.ent.i386", "4Desktop:httpd-devel-0:2.0.52-22.ent.ia64", "4Desktop:httpd-devel-0:2.0.52-22.ent.ppc", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390", "4Desktop:httpd-devel-0:2.0.52-22.ent.s390x", "4Desktop:httpd-devel-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-manual-0:2.0.52-22.ent.i386", "4Desktop:httpd-manual-0:2.0.52-22.ent.ia64", "4Desktop:httpd-manual-0:2.0.52-22.ent.ppc", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390", "4Desktop:httpd-manual-0:2.0.52-22.ent.s390x", "4Desktop:httpd-manual-0:2.0.52-22.ent.x86_64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.i386", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ia64", "4Desktop:httpd-suexec-0:2.0.52-22.ent.ppc", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390", "4Desktop:httpd-suexec-0:2.0.52-22.ent.s390x", "4Desktop:httpd-suexec-0:2.0.52-22.ent.x86_64", "4Desktop:mod_ssl-1:2.0.52-22.ent.i386", "4Desktop:mod_ssl-1:2.0.52-22.ent.ia64", "4Desktop:mod_ssl-1:2.0.52-22.ent.ppc", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390", "4Desktop:mod_ssl-1:2.0.52-22.ent.s390x", "4Desktop:mod_ssl-1:2.0.52-22.ent.x86_64", "4ES:httpd-0:2.0.52-22.ent.i386", "4ES:httpd-0:2.0.52-22.ent.ia64", "4ES:httpd-0:2.0.52-22.ent.ppc", "4ES:httpd-0:2.0.52-22.ent.s390", "4ES:httpd-0:2.0.52-22.ent.s390x", "4ES:httpd-0:2.0.52-22.ent.src", "4ES:httpd-0:2.0.52-22.ent.x86_64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.i386", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4ES:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390", "4ES:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4ES:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4ES:httpd-devel-0:2.0.52-22.ent.i386", "4ES:httpd-devel-0:2.0.52-22.ent.ia64", "4ES:httpd-devel-0:2.0.52-22.ent.ppc", "4ES:httpd-devel-0:2.0.52-22.ent.s390", "4ES:httpd-devel-0:2.0.52-22.ent.s390x", "4ES:httpd-devel-0:2.0.52-22.ent.x86_64", "4ES:httpd-manual-0:2.0.52-22.ent.i386", "4ES:httpd-manual-0:2.0.52-22.ent.ia64", "4ES:httpd-manual-0:2.0.52-22.ent.ppc", "4ES:httpd-manual-0:2.0.52-22.ent.s390", "4ES:httpd-manual-0:2.0.52-22.ent.s390x", "4ES:httpd-manual-0:2.0.52-22.ent.x86_64", "4ES:httpd-suexec-0:2.0.52-22.ent.i386", "4ES:httpd-suexec-0:2.0.52-22.ent.ia64", "4ES:httpd-suexec-0:2.0.52-22.ent.ppc", "4ES:httpd-suexec-0:2.0.52-22.ent.s390", "4ES:httpd-suexec-0:2.0.52-22.ent.s390x", "4ES:httpd-suexec-0:2.0.52-22.ent.x86_64", "4ES:mod_ssl-1:2.0.52-22.ent.i386", "4ES:mod_ssl-1:2.0.52-22.ent.ia64", "4ES:mod_ssl-1:2.0.52-22.ent.ppc", "4ES:mod_ssl-1:2.0.52-22.ent.s390", "4ES:mod_ssl-1:2.0.52-22.ent.s390x", "4ES:mod_ssl-1:2.0.52-22.ent.x86_64", "4WS:httpd-0:2.0.52-22.ent.i386", "4WS:httpd-0:2.0.52-22.ent.ia64", "4WS:httpd-0:2.0.52-22.ent.ppc", "4WS:httpd-0:2.0.52-22.ent.s390", "4WS:httpd-0:2.0.52-22.ent.s390x", "4WS:httpd-0:2.0.52-22.ent.src", "4WS:httpd-0:2.0.52-22.ent.x86_64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.i386", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ia64", "4WS:httpd-debuginfo-0:2.0.52-22.ent.ppc", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390", "4WS:httpd-debuginfo-0:2.0.52-22.ent.s390x", "4WS:httpd-debuginfo-0:2.0.52-22.ent.x86_64", "4WS:httpd-devel-0:2.0.52-22.ent.i386", "4WS:httpd-devel-0:2.0.52-22.ent.ia64", "4WS:httpd-devel-0:2.0.52-22.ent.ppc", "4WS:httpd-devel-0:2.0.52-22.ent.s390", "4WS:httpd-devel-0:2.0.52-22.ent.s390x", "4WS:httpd-devel-0:2.0.52-22.ent.x86_64", "4WS:httpd-manual-0:2.0.52-22.ent.i386", "4WS:httpd-manual-0:2.0.52-22.ent.ia64", "4WS:httpd-manual-0:2.0.52-22.ent.ppc", "4WS:httpd-manual-0:2.0.52-22.ent.s390", "4WS:httpd-manual-0:2.0.52-22.ent.s390x", "4WS:httpd-manual-0:2.0.52-22.ent.x86_64", "4WS:httpd-suexec-0:2.0.52-22.ent.i386", "4WS:httpd-suexec-0:2.0.52-22.ent.ia64", "4WS:httpd-suexec-0:2.0.52-22.ent.ppc", "4WS:httpd-suexec-0:2.0.52-22.ent.s390", "4WS:httpd-suexec-0:2.0.52-22.ent.s390x", "4WS:httpd-suexec-0:2.0.52-22.ent.x86_64", "4WS:mod_ssl-1:2.0.52-22.ent.i386", "4WS:mod_ssl-1:2.0.52-22.ent.ia64", "4WS:mod_ssl-1:2.0.52-22.ent.ppc", "4WS:mod_ssl-1:2.0.52-22.ent.s390", "4WS:mod_ssl-1:2.0.52-22.ent.s390x", "4WS:mod_ssl-1:2.0.52-22.ent.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0159", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, ], }
rhsa-2006:0692
Vulnerability from csaf_redhat
Published
2006-09-29 15:47
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: apache security update for Stronghold
Notes
Topic
An updated version of Apache that addresses several security issues is now
available for Stronghold 4.0 for Enterprise Linux.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP server is a powerful, full-featured, efficient, and
freely-available Web server.
A bug was found in Apache where an invalid Expect header sent to the server
was returned to the user in an unescaped error message. This could
allow an attacker to perform a cross-site scripting attack if a victim was
tricked into connecting to a site and sending a carefully crafted Expect
header. (CVE-2006-3918)
While a web browser cannot be forced to send an arbitrary Expect header by
a third-party attacker, it was recently discovered that certain versions of
the Flash plugin can manipulate request headers. If users running such
versions can be persuaded to load a web page with a malicious Flash applet,
a cross-site scripting attack against the server may be possible.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. (CVE-2005-3352)
Users of Stronghold should upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An updated version of Apache that addresses several security issues is now\navailable for Stronghold 4.0 for Enterprise Linux.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP server is a powerful, full-featured, efficient, and\nfreely-available Web server.\n\nA bug was found in Apache where an invalid Expect header sent to the server\nwas returned to the user in an unescaped error message. This could\nallow an attacker to perform a cross-site scripting attack if a victim was\ntricked into connecting to a site and sending a carefully crafted Expect\nheader. (CVE-2006-3918)\n\nWhile a web browser cannot be forced to send an arbitrary Expect header by\na third-party attacker, it was recently discovered that certain versions of\nthe Flash plugin can manipulate request headers. If users running such\nversions can be persuaded to load a web page with a malicious Flash applet,\na cross-site scripting attack against the server may be possible.\n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. (CVE-2005-3352)\n\nUsers of Stronghold should upgrade to these updated packages, which \ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0692", url: "https://access.redhat.com/errata/RHSA-2006:0692", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "207922", url: "https://bugzilla.redhat.com/show_bug.cgi?id=207922", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0692.json", }, ], title: "Red Hat Security Advisory: apache security update for Stronghold", tracking: { current_release_date: "2024-11-14T10:04:47+00:00", generator: { date: "2024-11-14T10:04:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2006:0692", initial_release_date: "2006-09-29T15:47:00+00:00", revision_history: [ { date: "2006-09-29T15:47:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-09-29T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:04:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product: { name: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product_id: "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_stronghold:4.0", }, }, }, ], category: "product_family", name: "Stronghold 4.0 for Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-09-29T15:47:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0692", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2006-3918", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2006-07-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "200732", }, ], notes: [ { category: "description", text: "http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.", title: "Vulnerability description", }, { category: "summary", text: "httpd: Expect header XSS", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-3918", }, { category: "external", summary: "RHBZ#200732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=200732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-3918", url: "https://www.cve.org/CVERecord?id=CVE-2006-3918", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-3918", }, ], release_date: "2006-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-09-29T15:47:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0692", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd: Expect header XSS", }, ], }
rhsa-2006_0158
Vulnerability from csaf_redhat
Published
2006-01-17 08:23
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: apache security update
Notes
Topic
Updated Apache httpd packages that correct a security issue are now
available for Red Hat Enterprise Linux 2.1.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
The Apache HTTP Server is a popular and freely-available Web server.
A flaw in mod_imap when using the Referer directive with image maps was
discovered. With certain site configurations, a remote attacker could
perform a cross-site scripting attack if a victim can be forced to visit a
malicious URL using certain web browsers. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-3352 to this issue.
Users of apache should upgrade to these updated packages, which contain
a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Apache httpd packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Apache HTTP Server is a popular and freely-available Web server. \n\nA flaw in mod_imap when using the Referer directive with image maps was\ndiscovered. With certain site configurations, a remote attacker could\nperform a cross-site scripting attack if a victim can be forced to visit a\nmalicious URL using certain web browsers. The Common Vulnerabilities and\nExposures project assigned the name CVE-2005-3352 to this issue.\n\nUsers of apache should upgrade to these updated packages, which contain\na backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2006:0158", url: "https://access.redhat.com/errata/RHSA-2006:0158", }, { category: "external", summary: "175714", url: "https://bugzilla.redhat.com/show_bug.cgi?id=175714", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0158.json", }, ], title: "Red Hat Security Advisory: apache security update", tracking: { current_release_date: "2024-11-14T10:04:06+00:00", generator: { date: "2024-11-14T10:04:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2006:0158", initial_release_date: "2006-01-17T08:23:00+00:00", revision_history: [ { date: "2006-01-17T08:23:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-01-17T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:04:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2006-01-17T08:23:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2006:0158", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, ], }
rhsa-2005_882
Vulnerability from csaf_redhat
Published
2005-12-19 17:29
Modified
2024-11-22 00:00
Summary
Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold that fix security issues in
mod_ssl, mod_imap, OpenSSL, and PHP are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
Stronghold 4 contains a number of open source technologies, including
mod_ssl and the Apache HTTP Server.
Several security issues have been found that affect cross-platform
Stronghold 4:
A flaw in mod_imap when using the Referer directive with image maps. With
certain site configurations, a remote attacker could perform a cross-site
scripting attack if a victim can be forced to visit a malicious URL using
certain web browsers. (CVE-2005-3352)
A flaw in mod_ssl triggered if a virtual host was configured using
"SSLVerifyClient optional" and a directive "SSLVerifyClient required" is
set for a specific location. For servers configured in this fashion, an
attacker may be able to access resources that should otherwise be
protected. (CVE-2005-2700)
Flaws in shmop_write, pack, and unpack PHP functions. These functions are
not normally passed user-supplied data, so would require a malicious PHP
script to be exploited. (CVE-2004-1018)
Various flaws, including possible information disclosure, double free, and
negative reference index array underflow in the deserialization code of
PHP. PHP applications may use the unserialize function of untrusted user
data, which could allow a remote attacker to gain access to memory or
potentially execute arbitrary code. (CVE-2004-1019)
A flaw in the way PHP registers global variables during a file upload
request. A remote attacker could submit a carefully crafted
multipart/form-data POST request that would overwrite the $GLOBALS array,
altering expected script behavior, and possibly leading to the execution of
arbitrary PHP commands. Note that this vulnerability only affects
installations which have register_globals enabled in the PHP configuration
file, which is not a default or recommended option. (CVE-2005-3390)
A flaw in the PHP parse_str() function. If a PHP script passes only one
argument to the parse_str() function, and the script can be forced to abort
execution during operation (for example due to the memory_limit setting),
the register_globals may be enabled even if it is disabled in the PHP
configuration file. This vulnerability only affects installations that have
PHP scripts using the parse_str function in this way. (CVE-2005-3389)
A Cross-Site Scripting flaw in the phpinfo() function. If a victim can be
tricked into following a malicious URL to a site with a page displaying the
phpinfo() output, it may be possible to inject javascript or HTML content
into the displayed page or steal data such as cookies. This vulnerability
only affects installations that allow users to view the output of the
phpinfo() function. As the phpinfo() function outputs a large amount of
information about the current state of PHP, it should only be used during
debugging or if protected by authentication. (CVE-2005-3388)
OpenSSL contained a software work-around for a bug in SSL handling in
Microsoft Internet Explorer version 3.0.2. This work-around is enabled in
most servers that use OpenSSL to provide support for SSL and TLS. Yutaka
Oiwa discovered that this work-around could allow an attacker, acting as a
"man in the middle", to force an SSL connection to use SSL 2.0 rather than
a stronger protocol such as SSL 3.0 or TLS 1.0. (CAN-2005-2969)
Colin Percival reported a cache timing attack that could allow a malicious
local user to gain portions of cryptographic keys. The OpenSSL library has
been patched to add a new fixed-window mod_exp implementation as default
for RSA, DSA, and DH private-key operations. This patch is designed to
mitigate cache timing and potentially related attacks. (CVE-2005-0109)
Stronghold users are advised to upgrade to these updated packages, which
resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of cross-platform Stronghold that fix security issues in\nmod_ssl, mod_imap, OpenSSL, and PHP are now available.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "Stronghold 4 contains a number of open source technologies, including\nmod_ssl and the Apache HTTP Server.\n\nSeveral security issues have been found that affect cross-platform\nStronghold 4: \n\nA flaw in mod_imap when using the Referer directive with image maps. With\ncertain site configurations, a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious URL using\ncertain web browsers. (CVE-2005-3352) \n\nA flaw in mod_ssl triggered if a virtual host was configured using\n\"SSLVerifyClient optional\" and a directive \"SSLVerifyClient required\" is\nset for a specific location. For servers configured in this fashion, an\nattacker may be able to access resources that should otherwise be\nprotected. (CVE-2005-2700) \n\nFlaws in shmop_write, pack, and unpack PHP functions. These functions are\nnot normally passed user-supplied data, so would require a malicious PHP\nscript to be exploited. (CVE-2004-1018) \n\nVarious flaws, including possible information disclosure, double free, and\nnegative reference index array underflow in the deserialization code of\nPHP. PHP applications may use the unserialize function of untrusted user\ndata, which could allow a remote attacker to gain access to memory or\npotentially execute arbitrary code. (CVE-2004-1019) \n\nA flaw in the way PHP registers global variables during a file upload\nrequest. A remote attacker could submit a carefully crafted\nmultipart/form-data POST request that would overwrite the $GLOBALS array,\naltering expected script behavior, and possibly leading to the execution of\narbitrary PHP commands. Note that this vulnerability only affects\ninstallations which have register_globals enabled in the PHP configuration\nfile, which is not a default or recommended option. (CVE-2005-3390)\n\nA flaw in the PHP parse_str() function. If a PHP script passes only one\nargument to the parse_str() function, and the script can be forced to abort\nexecution during operation (for example due to the memory_limit setting),\nthe register_globals may be enabled even if it is disabled in the PHP\nconfiguration file. This vulnerability only affects installations that have\nPHP scripts using the parse_str function in this way. (CVE-2005-3389)\n\nA Cross-Site Scripting flaw in the phpinfo() function. If a victim can be\ntricked into following a malicious URL to a site with a page displaying the\nphpinfo() output, it may be possible to inject javascript or HTML content\ninto the displayed page or steal data such as cookies. This vulnerability\nonly affects installations that allow users to view the output of the\nphpinfo() function. As the phpinfo() function outputs a large amount of\ninformation about the current state of PHP, it should only be used during\ndebugging or if protected by authentication. (CVE-2005-3388) \n\nOpenSSL contained a software work-around for a bug in SSL handling in\nMicrosoft Internet Explorer version 3.0.2. This work-around is enabled in\nmost servers that use OpenSSL to provide support for SSL and TLS. Yutaka\nOiwa discovered that this work-around could allow an attacker, acting as a\n\"man in the middle\", to force an SSL connection to use SSL 2.0 rather than\na stronger protocol such as SSL 3.0 or TLS 1.0. (CAN-2005-2969)\n\nColin Percival reported a cache timing attack that could allow a malicious\nlocal user to gain portions of cryptographic keys. The OpenSSL library has\nbeen patched to add a new fixed-window mod_exp implementation as default\nfor RSA, DSA, and DH private-key operations. This patch is designed to\nmitigate cache timing and potentially related attacks. (CVE-2005-0109)\n\nStronghold users are advised to upgrade to these updated packages, which\nresolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2005:882", url: "https://access.redhat.com/errata/RHSA-2005:882", }, { category: "external", summary: "http://stronghold.redhat.com/support/upgrade-sh4", url: "http://stronghold.redhat.com/support/upgrade-sh4", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_882.json", }, ], title: "Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold", tracking: { current_release_date: "2024-11-22T00:00:58+00:00", generator: { date: "2024-11-22T00:00:58+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2005:882", initial_release_date: "2005-12-19T17:29:00+00:00", revision_history: [ { date: "2005-12-19T17:29:00+00:00", number: "1", summary: "Initial version", }, { date: "2006-11-20T15:43:12+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T00:00:58+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2004-1018", discovery_date: "2004-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617352", }, ], notes: [ { category: "description", text: "Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an \"integer overflow/underflow\" in the pack function, or (3) an \"integer overflow/underflow\" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-1018", }, { category: "external", summary: "RHBZ#1617352", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617352", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-1018", url: "https://www.cve.org/CVERecord?id=CVE-2004-1018", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-1018", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-1018", }, ], release_date: "2004-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2004-1019", discovery_date: "2004-11-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617353", }, ], notes: [ { category: "description", text: "The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger \"information disclosure, double-free and negative reference index array underflow\" results.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2004-1019", }, { category: "external", summary: "RHBZ#1617353", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617353", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2004-1019", url: "https://www.cve.org/CVERecord?id=CVE-2004-1019", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2004-1019", url: "https://nvd.nist.gov/vuln/detail/CVE-2004-1019", }, ], release_date: "2004-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2005-0109", discovery_date: "2005-02-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617463", }, ], notes: [ { category: "description", text: "Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-0109", }, { category: "external", summary: "RHBZ#1617463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-0109", url: "https://www.cve.org/CVERecord?id=CVE-2005-0109", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-0109", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-0109", }, ], release_date: "2005-05-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2005-2700", discovery_date: "2005-08-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617741", }, ], notes: [ { category: "description", text: "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2700", }, { category: "external", summary: "RHBZ#1617741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617741", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2700", url: "https://www.cve.org/CVERecord?id=CVE-2005-2700", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2700", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2700", }, ], release_date: "2005-08-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2005-2969", discovery_date: "2005-10-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430660", }, ], notes: [ { category: "description", text: "The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack.", title: "Vulnerability description", }, { category: "summary", text: "openssl mitm downgrade attack", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-2969", }, { category: "external", summary: "RHBZ#430660", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430660", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-2969", url: "https://www.cve.org/CVERecord?id=CVE-2005-2969", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-2969", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-2969", }, ], release_date: "2005-10-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl mitm downgrade attack", }, { cve: "CVE-2005-3352", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2005-12-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "430524", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "Vulnerability description", }, { category: "summary", text: "httpd cross-site scripting flaw in mod_imap", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "RHBZ#430524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=430524", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3352", url: "https://www.cve.org/CVERecord?id=CVE-2005-3352", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, ], release_date: "2005-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "httpd cross-site scripting flaw in mod_imap", }, { cve: "CVE-2005-3388", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617821", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a \"stacked array assignment.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3388", }, { category: "external", summary: "RHBZ#1617821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617821", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3388", url: "https://www.cve.org/CVERecord?id=CVE-2005-3388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3388", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3388", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3389", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617822", }, ], notes: [ { category: "description", text: "The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3389", }, { category: "external", summary: "RHBZ#1617822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3389", url: "https://www.cve.org/CVERecord?id=CVE-2005-3389", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3389", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3389", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "security flaw", }, { cve: "CVE-2005-3390", discovery_date: "2005-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1617823", }, ], notes: [ { category: "description", text: "The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a \"GLOBALS\" fileupload field.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2005-3390", }, { category: "external", summary: "RHBZ#1617823", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1617823", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2005-3390", url: "https://www.cve.org/CVERecord?id=CVE-2005-3390", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2005-3390", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3390", }, ], release_date: "2005-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2005-12-19T17:29:00+00:00", details: "Updated Stronghold 4 packages containing backported patches to correct\nthese issues are now available via the update agent service. Run the\nfollowing command from the Stronghold 4 install root to upgrade an existing\nStronghold 4 installation to the new package versions:\n\n$ bin/agent\n\nThe Stronghold 4.0k patch release which contains these updated packages is\nalso available from the download site.\n\nAfter upgrading Stronghold, the server must be completely restarted by\nrunning the following commands from the install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nrefer to http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2005:882", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, ], }
gsd-2005-3352
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
Aliases
Aliases
{ GSD: { alias: "CVE-2005-3352", description: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", id: "GSD-2005-3352", references: [ "https://www.suse.com/security/cve/CVE-2005-3352.html", "https://www.debian.org/security/2006/dsa-1167", "https://access.redhat.com/errata/RHSA-2008:0523", "https://access.redhat.com/errata/RHSA-2006:0692", "https://access.redhat.com/errata/RHSA-2006:0159", "https://access.redhat.com/errata/RHSA-2006:0158", "https://access.redhat.com/errata/RHSA-2005:882", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2005-3352", ], details: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", id: "GSD-2005-3352", modified: "2023-12-13T01:20:12.931384Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2005-3352", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "17319", refsource: "SECUNIA", url: "http://secunia.com/advisories/17319", }, { name: "ADV-2006-3995", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/3995", }, { name: "18526", refsource: "SECUNIA", url: "http://secunia.com/advisories/18526", }, { name: "20046", refsource: "SECUNIA", url: "http://secunia.com/advisories/20046", }, { name: "102662", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { name: "1015344", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015344", }, { name: "SSRT071293", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "DSA-1167", refsource: "DEBIAN", url: "http://www.debian.org/security/2006/dsa-1167", }, { name: "18339", refsource: "SECUNIA", url: "http://secunia.com/advisories/18339", }, { name: "SSRT061265", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "ADV-2006-4300", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/4300", }, { name: "21744", refsource: "SECUNIA", url: "http://secunia.com/advisories/21744", }, { name: "SUSE-SR:2006:004", refsource: "SUSE", url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { name: "18340", refsource: "SECUNIA", url: "http://secunia.com/advisories/18340", }, { name: "ADV-2008-1246", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { name: "HPSBUX02164", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { name: "SSRT061269", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "20670", refsource: "SECUNIA", url: "http://secunia.com/advisories/20670", }, { name: "SSRT090208", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "23260", refsource: "SECUNIA", url: "http://secunia.com/advisories/23260", }, { name: "RHSA-2006:0159", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { name: "18008", refsource: "SECUNIA", url: "http://secunia.com/advisories/18008", }, { name: "SUSE-SA:2006:043", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { name: "ADV-2006-2423", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/2423", }, { name: "ADV-2008-0924", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "MDKSA-2006:007", refsource: "MANDRIVA", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { name: "29849", refsource: "SECUNIA", url: "http://secunia.com/advisories/29849", }, { name: "18333", refsource: "SECUNIA", url: "http://secunia.com/advisories/18333", }, { name: "ADV-2006-4015", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/4015", }, { name: "USN-241-1", refsource: "UBUNTU", url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { name: "TA08-150A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "20060101-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { name: "OpenPKG-SA-2005.029", refsource: "OPENPKG", url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { name: "22368", refsource: "SECUNIA", url: "http://secunia.com/advisories/22368", }, { name: "HPSBUX02145", refsource: "HP", url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "102663", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { name: "RHSA-2006:0158", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { name: "29420", refsource: "SECUNIA", url: "http://secunia.com/advisories/29420", }, { name: "FLSA-2006:175406", refsource: "FEDORA", url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { name: "FEDORA-2006-052", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { name: "SUSE-SR:2007:011", refsource: "SUSE", url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { name: "ADV-2006-4868", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/4868", }, { name: "APPLE-SA-2008-03-18", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "HPSBMA02328", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { name: "30430", refsource: "SECUNIA", url: "http://secunia.com/advisories/30430", }, { name: "APPLE-SA-2008-05-28", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { name: "HPSBOV02683", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", refsource: "CONFIRM", url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { name: "18517", refsource: "SECUNIA", url: "http://secunia.com/advisories/18517", }, { name: "22669", refsource: "SECUNIA", url: "http://secunia.com/advisories/22669", }, { name: "TSLSA-2005-0074", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2005/0074/", }, { name: "SSA:2006-129-01", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { name: "PK16139", refsource: "AIXAPAR", url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { name: "oval:org.mitre.oval:def:10480", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, { name: "RHSA-2006:0692", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { name: "SSRT061202", refsource: "HP", url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { name: "18585", refsource: "SECUNIA", url: "http://secunia.com/advisories/18585", }, { name: "http://docs.info.apple.com/article.html?artnum=307562", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "PK25355", refsource: "AIXAPAR", url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { name: "GLSA-200602-03", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { name: "ADV-2008-1697", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "19012", refsource: "SECUNIA", url: "http://secunia.com/advisories/19012", }, { name: "18429", refsource: "SECUNIA", url: "http://secunia.com/advisories/18429", }, { name: "15834", refsource: "BID", url: "http://www.securityfocus.com/bid/15834", }, { name: "ADV-2005-2870", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2870", }, { name: "SSA:2006-130-01", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { name: "18743", refsource: "SECUNIA", url: "http://secunia.com/advisories/18743", }, { name: "25239", refsource: "SECUNIA", url: "http://secunia.com/advisories/25239", }, { name: "HPSBUX02172", refsource: "HP", url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { name: "22140", refsource: "SECUNIA", url: "http://secunia.com/advisories/22140", }, { name: "22388", refsource: "SECUNIA", url: "http://secunia.com/advisories/22388", }, { name: "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E", }, ], }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "389EC30E-F3B0-46AF-8130-546886042780", versionEndExcluding: "1.3.35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "6FAFA4DB-88A2-4F63-8E9D-17DAC2DD94E8", versionEndExcluding: "2.0.56", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", matchCriteriaId: "ACBC75F8-C1AF-45AE-91BA-5670EF2D0DCD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", }, { lang: "es", value: "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo mod_imap de Apache httpd anteriores a 1.3.35-dev y Apache httpd 2.0.x anteriores a 2.0.56-dev permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el Referente cuando se usan mapas de imágenes.", }, ], id: "CVE-2005-3352", lastModified: "2024-01-19T15:12:24.063", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2005-12-13T20:03:00.000", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", "URL Repurposed", ], url: "http://secunia.com/advisories/17319", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18008", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18333", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18339", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18340", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18429", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18517", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18526", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18585", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18743", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/19012", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/20046", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/20670", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", "Third Party Advisory", ], url: "http://secunia.com/advisories/21744", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22140", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22368", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22388", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22669", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/23260", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/25239", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29420", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29849", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/30430", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://securitytracker.com/id?1015344", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2006/dsa-1167", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/15834", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.trustix.org/errata/2005/0074/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2005/2870", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/2423", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/3995", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4015", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4300", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4868", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, ], sourceIdentifier: "secalert@redhat.com", vendorComments: [ { comment: "Fixed in Apache HTTP Server 2.2.2, 2.0.58, and 1.3.35: http://httpd.apache.org/security/vulnerabilities_22.html\nhttp://httpd.apache.org/security/vulnerabilities_20.html\nhttp://httpd.apache.org/security/vulnerabilities_13.html", lastModified: "2008-07-02T00:00:00", organization: "Apache", }, ], vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }, }, }, }
cve-2005-3352
Vulnerability from jvndb
Published
2009-02-04 17:42
Modified
2014-05-22 18:03
Summary
Multiple Vulnerabilities Concerning Hitachi Web Server
Details
Hitachi Web Server has vulnerabilities listed below:
1. A vulnerability that allows to roll back the Open SSL version when using the SSL.
2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server.
3. Cross-site scripting vulnerability due to inadequate processing of the Expect header.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000992.html", "dc:date": "2014-05-22T18:03+09:00", "dcterms:issued": "2009-02-04T17:42+09:00", "dcterms:modified": "2014-05-22T18:03+09:00", description: "Hitachi Web Server has vulnerabilities listed below:\r\n\r\n1. A vulnerability that allows to roll back the Open SSL version when using the SSL.\r\n\r\n2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server.\r\n\r\n3. Cross-site scripting vulnerability due to inadequate processing of the Expect header.", link: "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000992.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "@version": "2.0", }, "sec:identifier": "JVNDB-2006-000992", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969", "@id": "CVE-2005-2969", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918", "@id": "CVE-2006-3918", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0514", "@id": "CVE-2007-0514", "@source": "CVE", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2969", "@id": "CVE-2005-2969", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3918", "@id": "CVE-2006-3918", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0514", "@id": "CVE-2007-0514", "@source": "NVD", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000992.html", "@id": "JVNDB-2006-000992", "@source": "JVNDB_Ja", }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)", }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-noinfo", "@title": "No Mapping(CWE-noinfo)", }, ], title: "Multiple Vulnerabilities Concerning Hitachi Web Server", }
cve-2005-3352
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-22 18:03
Summary
mod_imap cross-site scripting vulnerability
Details
The "mod_imap" and "mod_imagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing.
mod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html", "dc:date": "2014-05-22T18:03+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-22T18:03+09:00", description: "The \"mod_imap\" and \"mod_imagemap\" modules of the Apache HTTP Server are used for implementing server-side image map processing.\r\nmod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.", link: "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html", "sec:cpe": [ { "#text": "cpe:/a:apache:http_server", "@product": "Apache HTTP Server", "@vendor": "Apache Software Foundation", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:ibm:http_server", "@product": "IBM HTTP Server", "@vendor": "IBM Corporation", "@version": "2.2", }, { "#text": "cpe:/a:oracle:http_server", "@product": "Oracle HTTP Server", "@vendor": "Oracle Corporation", "@version": "2.2", }, { "#text": "cpe:/o:apple:mac_os_x", "@product": "Apple Mac OS X", "@vendor": "Apple Inc.", "@version": "2.2", }, { "#text": "cpe:/o:apple:mac_os_x_server", "@product": "Apple Mac OS X Server", "@vendor": "Apple Inc.", "@version": "2.2", }, { "#text": "cpe:/o:hp:hp-ux", "@product": "HP-UX", "@vendor": "Hewlett-Packard Development Company,L.P", "@version": "2.2", }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2", }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:redhat:linux_advanced_workstation", "@product": "Red Hat Linux Advanced Workstation", "@vendor": "Red Hat, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:sun:solaris", "@product": "Sun Solaris", "@vendor": "Sun Microsystems, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux", "@product": "Turbolinux", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux_desktop", "@product": "Turbolinux Desktop", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux_fuji", "@product": "Turbolinux FUJI", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux_home", "@product": "Turbolinux Home", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux_multimedia", "@product": "Turbolinux Multimedia", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux_personal", "@product": "Turbolinux Personal", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2", }, ], "sec:cvss": { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0", }, "sec:identifier": "JVNDB-2005-000727", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN06045169/index.html", "@id": "JVN#06045169", "@source": "JVN", }, { "#text": "https://jvn.jp/en/tr/TRTA08-079A/index.html", "@id": "TRTA08-079A", "@source": "JVNTR", }, { "#text": "https://jvn.jp/en/tr/TRTA08-150A/index.html", "@id": "TRTA08-150A", "@source": "JVNTR", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "CVE", }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "NVD", }, { "#text": "http://www.us-cert.gov/cas/alerts/SA08-079A.html", "@id": "SA08-079A", "@source": "CERT-SA", }, { "#text": "http://www.us-cert.gov/cas/alerts/SA08-150A.html", "@id": "SA08-150A", "@source": "CERT-SA", }, { "#text": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html", "@id": "TA08-079A", "@source": "CERT-TA", }, { "#text": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", "@id": "TA08-150A", "@source": "CERT-TA", }, { "#text": "http://www.securityfocus.com/bid/15834", "@id": "15834", "@source": "BID", }, ], title: "mod_imap cross-site scripting vulnerability", }
opensuse-su-2024:10623-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
apache2-2.4.49-1.1 on GA media
Notes
Title of the patch
apache2-2.4.49-1.1 on GA media
Description of the patch
These are all security issues fixed in the apache2-2.4.49-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10623
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "apache2-2.4.49-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the apache2-2.4.49-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10623", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10623-1.json", }, { category: "self", summary: "SUSE CVE CVE-2005-3352 page", url: "https://www.suse.com/security/cve/CVE-2005-3352/", }, { category: "self", summary: "SUSE CVE CVE-2005-3357 page", url: "https://www.suse.com/security/cve/CVE-2005-3357/", }, { category: "self", summary: "SUSE CVE CVE-2006-3747 page", url: "https://www.suse.com/security/cve/CVE-2006-3747/", }, { category: "self", summary: "SUSE CVE CVE-2006-5752 page", url: "https://www.suse.com/security/cve/CVE-2006-5752/", }, { category: "self", summary: "SUSE CVE CVE-2007-1862 page", url: "https://www.suse.com/security/cve/CVE-2007-1862/", }, { category: "self", summary: "SUSE CVE CVE-2007-1863 page", url: "https://www.suse.com/security/cve/CVE-2007-1863/", }, { category: "self", summary: "SUSE CVE CVE-2007-3304 page", url: "https://www.suse.com/security/cve/CVE-2007-3304/", }, { category: "self", summary: "SUSE CVE CVE-2007-3847 page", url: "https://www.suse.com/security/cve/CVE-2007-3847/", }, { category: "self", summary: "SUSE CVE CVE-2007-4465 page", url: "https://www.suse.com/security/cve/CVE-2007-4465/", }, { category: "self", summary: "SUSE CVE CVE-2007-5000 page", url: "https://www.suse.com/security/cve/CVE-2007-5000/", }, { category: "self", summary: "SUSE CVE CVE-2007-6388 page", url: "https://www.suse.com/security/cve/CVE-2007-6388/", }, { category: "self", summary: "SUSE CVE CVE-2007-6420 page", url: "https://www.suse.com/security/cve/CVE-2007-6420/", }, { category: "self", summary: "SUSE CVE CVE-2007-6421 page", url: "https://www.suse.com/security/cve/CVE-2007-6421/", }, { category: "self", summary: "SUSE CVE CVE-2007-6422 page", url: "https://www.suse.com/security/cve/CVE-2007-6422/", }, { category: "self", summary: "SUSE CVE CVE-2008-0005 page", url: "https://www.suse.com/security/cve/CVE-2008-0005/", }, { category: "self", summary: "SUSE CVE CVE-2008-1678 page", url: "https://www.suse.com/security/cve/CVE-2008-1678/", }, { category: "self", summary: "SUSE CVE CVE-2008-2364 page", url: "https://www.suse.com/security/cve/CVE-2008-2364/", }, { category: "self", summary: "SUSE CVE CVE-2008-2939 page", url: "https://www.suse.com/security/cve/CVE-2008-2939/", }, { category: "self", summary: "SUSE CVE CVE-2016-5387 page", url: "https://www.suse.com/security/cve/CVE-2016-5387/", }, { category: "self", summary: "SUSE CVE CVE-2016-8740 page", url: "https://www.suse.com/security/cve/CVE-2016-8740/", }, { category: "self", summary: "SUSE CVE CVE-2017-9798 page", url: "https://www.suse.com/security/cve/CVE-2017-9798/", }, { category: "self", summary: "SUSE CVE CVE-2019-10081 page", url: "https://www.suse.com/security/cve/CVE-2019-10081/", }, { category: "self", summary: "SUSE CVE CVE-2019-10082 page", url: "https://www.suse.com/security/cve/CVE-2019-10082/", }, { category: "self", summary: "SUSE CVE CVE-2019-10092 page", url: "https://www.suse.com/security/cve/CVE-2019-10092/", }, { category: "self", summary: "SUSE CVE CVE-2019-10097 page", url: "https://www.suse.com/security/cve/CVE-2019-10097/", }, { category: "self", summary: "SUSE CVE CVE-2019-10098 page", url: "https://www.suse.com/security/cve/CVE-2019-10098/", }, { category: "self", summary: "SUSE CVE CVE-2019-9517 page", url: "https://www.suse.com/security/cve/CVE-2019-9517/", }, ], title: "apache2-2.4.49-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10623-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "apache2-2.4.49-1.1.aarch64", product: { name: "apache2-2.4.49-1.1.aarch64", product_id: "apache2-2.4.49-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "apache2-2.4.49-1.1.ppc64le", product: { name: "apache2-2.4.49-1.1.ppc64le", product_id: "apache2-2.4.49-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "apache2-2.4.49-1.1.s390x", product: { name: "apache2-2.4.49-1.1.s390x", product_id: "apache2-2.4.49-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "apache2-2.4.49-1.1.x86_64", product: { name: "apache2-2.4.49-1.1.x86_64", product_id: "apache2-2.4.49-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "apache2-2.4.49-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", }, product_reference: "apache2-2.4.49-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "apache2-2.4.49-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", }, product_reference: "apache2-2.4.49-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "apache2-2.4.49-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", }, product_reference: "apache2-2.4.49-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "apache2-2.4.49-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", }, product_reference: "apache2-2.4.49-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2005-3352", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2005-3352", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2005-3352", url: "https://www.suse.com/security/cve/CVE-2005-3352", }, { category: "external", summary: "SUSE Bug 138083 for CVE-2005-3352", url: "https://bugzilla.suse.com/138083", }, { category: "external", summary: "SUSE Bug 142507 for CVE-2005-3352", url: "https://bugzilla.suse.com/142507", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2005-3352", }, { cve: "CVE-2005-3357", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2005-3357", }, ], notes: [ { category: "general", text: "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2005-3357", url: "https://www.suse.com/security/cve/CVE-2005-3357", }, { category: "external", summary: "SUSE Bug 138083 for CVE-2005-3357", url: "https://bugzilla.suse.com/138083", }, { category: "external", summary: "SUSE Bug 142338 for CVE-2005-3357", url: "https://bugzilla.suse.com/142338", }, { category: "external", summary: "SUSE Bug 186167 for CVE-2005-3357", url: "https://bugzilla.suse.com/186167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2005-3357", }, { cve: "CVE-2006-3747", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-3747", }, ], notes: [ { category: "general", text: "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-3747", url: "https://www.suse.com/security/cve/CVE-2006-3747", }, { category: "external", summary: "SUSE Bug 194675 for CVE-2006-3747", url: "https://bugzilla.suse.com/194675", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2006-3747", }, { cve: "CVE-2006-5752", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5752", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5752", url: "https://www.suse.com/security/cve/CVE-2006-5752", }, { category: "external", summary: "SUSE Bug 289996 for CVE-2006-5752", url: "https://bugzilla.suse.com/289996", }, { category: "external", summary: "SUSE Bug 308637 for CVE-2006-5752", url: "https://bugzilla.suse.com/308637", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5752", }, { cve: "CVE-2007-1862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-1862", }, ], notes: [ { category: "general", text: "The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-1862", url: "https://www.suse.com/security/cve/CVE-2007-1862", }, { category: "external", summary: "SUSE Bug 280414 for CVE-2007-1862", url: "https://bugzilla.suse.com/280414", }, { category: "external", summary: "SUSE Bug 308637 for CVE-2007-1862", url: "https://bugzilla.suse.com/308637", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-1862", }, { cve: "CVE-2007-1863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-1863", }, ], notes: [ { category: "general", text: "cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-1863", url: "https://www.suse.com/security/cve/CVE-2007-1863", }, { category: "external", summary: "SUSE Bug 289997 for CVE-2007-1863", url: "https://bugzilla.suse.com/289997", }, { category: "external", summary: "SUSE Bug 308637 for CVE-2007-1863", url: "https://bugzilla.suse.com/308637", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-1863", }, { cve: "CVE-2007-3304", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-3304", }, ], notes: [ { category: "general", text: "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-3304", url: "https://www.suse.com/security/cve/CVE-2007-3304", }, { category: "external", summary: "SUSE Bug 286685 for CVE-2007-3304", url: "https://bugzilla.suse.com/286685", }, { category: "external", summary: "SUSE Bug 308637 for CVE-2007-3304", url: "https://bugzilla.suse.com/308637", }, { category: "external", summary: "SUSE Bug 422464 for CVE-2007-3304", url: "https://bugzilla.suse.com/422464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-3304", }, { cve: "CVE-2007-3847", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-3847", }, ], notes: [ { category: "general", text: "The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-3847", url: "https://www.suse.com/security/cve/CVE-2007-3847", }, { category: "external", summary: "SUSE Bug 308637 for CVE-2007-3847", url: "https://bugzilla.suse.com/308637", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-3847", }, { cve: "CVE-2007-4465", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-4465", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-4465", url: "https://www.suse.com/security/cve/CVE-2007-4465", }, { category: "external", summary: "SUSE Bug 308637 for CVE-2007-4465", url: "https://bugzilla.suse.com/308637", }, { category: "external", summary: "SUSE Bug 310161 for CVE-2007-4465", url: "https://bugzilla.suse.com/310161", }, { category: "external", summary: "SUSE Bug 325655 for CVE-2007-4465", url: "https://bugzilla.suse.com/325655", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-4465", }, { cve: "CVE-2007-5000", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-5000", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-5000", url: "https://www.suse.com/security/cve/CVE-2007-5000", }, { category: "external", summary: "SUSE Bug 353859 for CVE-2007-5000", url: "https://bugzilla.suse.com/353859", }, { category: "external", summary: "SUSE Bug 355888 for CVE-2007-5000", url: "https://bugzilla.suse.com/355888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-5000", }, { cve: "CVE-2007-6388", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6388", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6388", url: "https://www.suse.com/security/cve/CVE-2007-6388", }, { category: "external", summary: "SUSE Bug 352235 for CVE-2007-6388", url: "https://bugzilla.suse.com/352235", }, { category: "external", summary: "SUSE Bug 355888 for CVE-2007-6388", url: "https://bugzilla.suse.com/355888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-6388", }, { cve: "CVE-2007-6420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6420", }, ], notes: [ { category: "general", text: "Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6420", url: "https://www.suse.com/security/cve/CVE-2007-6420", }, { category: "external", summary: "SUSE Bug 353261 for CVE-2007-6420", url: "https://bugzilla.suse.com/353261", }, { category: "external", summary: "SUSE Bug 373903 for CVE-2007-6420", url: "https://bugzilla.suse.com/373903", }, { category: "external", summary: "SUSE Bug 422464 for CVE-2007-6420", url: "https://bugzilla.suse.com/422464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-6420", }, { cve: "CVE-2007-6421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6421", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6421", url: "https://www.suse.com/security/cve/CVE-2007-6421", }, { category: "external", summary: "SUSE Bug 353261 for CVE-2007-6421", url: "https://bugzilla.suse.com/353261", }, { category: "external", summary: "SUSE Bug 355888 for CVE-2007-6421", url: "https://bugzilla.suse.com/355888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2007-6421", }, { cve: "CVE-2007-6422", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6422", }, ], notes: [ { category: "general", text: "The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6422", url: "https://www.suse.com/security/cve/CVE-2007-6422", }, { category: "external", summary: "SUSE Bug 353261 for CVE-2007-6422", url: "https://bugzilla.suse.com/353261", }, { category: "external", summary: "SUSE Bug 355888 for CVE-2007-6422", url: "https://bugzilla.suse.com/355888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2007-6422", }, { cve: "CVE-2008-0005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-0005", }, ], notes: [ { category: "general", text: "mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-0005", url: "https://www.suse.com/security/cve/CVE-2008-0005", }, { category: "external", summary: "SUSE Bug 353262 for CVE-2008-0005", url: "https://bugzilla.suse.com/353262", }, { category: "external", summary: "SUSE Bug 355888 for CVE-2008-0005", url: "https://bugzilla.suse.com/355888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2008-0005", }, { cve: "CVE-2008-1678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1678", }, ], notes: [ { category: "general", text: "Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1678", url: "https://www.suse.com/security/cve/CVE-2008-1678", }, { category: "external", summary: "SUSE Bug 392096 for CVE-2008-1678", url: "https://bugzilla.suse.com/392096", }, { category: "external", summary: "SUSE Bug 422464 for CVE-2008-1678", url: "https://bugzilla.suse.com/422464", }, { category: "external", summary: "SUSE Bug 566238 for CVE-2008-1678", url: "https://bugzilla.suse.com/566238", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2008-1678", }, { cve: "CVE-2008-2364", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-2364", }, ], notes: [ { category: "general", text: "The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-2364", url: "https://www.suse.com/security/cve/CVE-2008-2364", }, { category: "external", summary: "SUSE Bug 408832 for CVE-2008-2364", url: "https://bugzilla.suse.com/408832", }, { category: "external", summary: "SUSE Bug 422464 for CVE-2008-2364", url: "https://bugzilla.suse.com/422464", }, { category: "external", summary: "SUSE Bug 443824 for CVE-2008-2364", url: "https://bugzilla.suse.com/443824", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2008-2364", }, { cve: "CVE-2008-2939", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-2939", }, ], notes: [ { category: "general", text: "Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-2939", url: "https://www.suse.com/security/cve/CVE-2008-2939", }, { category: "external", summary: "SUSE Bug 210904 for CVE-2008-2939", url: "https://bugzilla.suse.com/210904", }, { category: "external", summary: "SUSE Bug 415061 for CVE-2008-2939", url: "https://bugzilla.suse.com/415061", }, { category: "external", summary: "SUSE Bug 422464 for CVE-2008-2939", url: "https://bugzilla.suse.com/422464", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2008-2939", }, { cve: "CVE-2016-5387", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5387", }, ], notes: [ { category: "general", text: "The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"This mitigation has been assigned the identifier CVE-2016-5387\"; in other words, this is not a CVE ID for a vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5387", url: "https://www.suse.com/security/cve/CVE-2016-5387", }, { category: "external", summary: "SUSE Bug 988484 for CVE-2016-5387", url: "https://bugzilla.suse.com/988484", }, { category: "external", summary: "SUSE Bug 988486 for CVE-2016-5387", url: "https://bugzilla.suse.com/988486", }, { category: "external", summary: "SUSE Bug 988487 for CVE-2016-5387", url: "https://bugzilla.suse.com/988487", }, { category: "external", summary: "SUSE Bug 988488 for CVE-2016-5387", url: "https://bugzilla.suse.com/988488", }, { category: "external", summary: "SUSE Bug 988489 for CVE-2016-5387", url: "https://bugzilla.suse.com/988489", }, { category: "external", summary: "SUSE Bug 988491 for CVE-2016-5387", url: "https://bugzilla.suse.com/988491", }, { category: "external", summary: "SUSE Bug 988492 for CVE-2016-5387", url: "https://bugzilla.suse.com/988492", }, { category: "external", summary: "SUSE Bug 989125 for CVE-2016-5387", url: "https://bugzilla.suse.com/989125", }, { category: "external", summary: "SUSE Bug 989174 for CVE-2016-5387", url: "https://bugzilla.suse.com/989174", }, { category: "external", summary: "SUSE Bug 989684 for CVE-2016-5387", url: "https://bugzilla.suse.com/989684", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5387", }, { cve: "CVE-2016-8740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-8740", }, ], notes: [ { category: "general", text: "The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-8740", url: "https://www.suse.com/security/cve/CVE-2016-8740", }, { category: "external", summary: "SUSE Bug 1013648 for CVE-2016-8740", url: "https://bugzilla.suse.com/1013648", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-8740", }, { cve: "CVE-2017-9798", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9798", }, ], notes: [ { category: "general", text: "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9798", url: "https://www.suse.com/security/cve/CVE-2017-9798", }, { category: "external", summary: "SUSE Bug 1058058 for CVE-2017-9798", url: "https://bugzilla.suse.com/1058058", }, { category: "external", summary: "SUSE Bug 1060757 for CVE-2017-9798", url: "https://bugzilla.suse.com/1060757", }, { category: "external", summary: "SUSE Bug 1077582 for CVE-2017-9798", url: "https://bugzilla.suse.com/1077582", }, { category: "external", summary: "SUSE Bug 1078450 for CVE-2017-9798", url: "https://bugzilla.suse.com/1078450", }, { category: "external", summary: "SUSE Bug 1089997 for CVE-2017-9798", url: "https://bugzilla.suse.com/1089997", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9798", }, { cve: "CVE-2019-10081", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10081", }, ], notes: [ { category: "general", text: "HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with \"H2PushResource\", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10081", url: "https://www.suse.com/security/cve/CVE-2019-10081", }, { category: "external", summary: "SUSE Bug 1145742 for CVE-2019-10081", url: "https://bugzilla.suse.com/1145742", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10081", }, { cve: "CVE-2019-10082", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10082", }, ], notes: [ { category: "general", text: "In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10082", url: "https://www.suse.com/security/cve/CVE-2019-10082", }, { category: "external", summary: "SUSE Bug 1145741 for CVE-2019-10082", url: "https://bugzilla.suse.com/1145741", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10082", }, { cve: "CVE-2019-10092", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10092", }, ], notes: [ { category: "general", text: "In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10092", url: "https://www.suse.com/security/cve/CVE-2019-10092", }, { category: "external", summary: "SUSE Bug 1145740 for CVE-2019-10092", url: "https://bugzilla.suse.com/1145740", }, { category: "external", summary: "SUSE Bug 1182703 for CVE-2019-10092", url: "https://bugzilla.suse.com/1182703", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-10092", }, { cve: "CVE-2019-10097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10097", }, ], notes: [ { category: "general", text: "In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the \"PROXY\" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10097", url: "https://www.suse.com/security/cve/CVE-2019-10097", }, { category: "external", summary: "SUSE Bug 1145739 for CVE-2019-10097", url: "https://bugzilla.suse.com/1145739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10097", }, { cve: "CVE-2019-10098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10098", }, ], notes: [ { category: "general", text: "In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10098", url: "https://www.suse.com/security/cve/CVE-2019-10098", }, { category: "external", summary: "SUSE Bug 1145738 for CVE-2019-10098", url: "https://bugzilla.suse.com/1145738", }, { category: "external", summary: "SUSE Bug 1168407 for CVE-2019-10098", url: "https://bugzilla.suse.com/1168407", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-10098", }, { cve: "CVE-2019-9517", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9517", }, ], notes: [ { category: "general", text: "Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9517", url: "https://www.suse.com/security/cve/CVE-2019-9517", }, { category: "external", summary: "SUSE Bug 1145575 for CVE-2019-9517", url: "https://bugzilla.suse.com/1145575", }, { category: "external", summary: "SUSE Bug 1146097 for CVE-2019-9517", url: "https://bugzilla.suse.com/1146097", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:apache2-2.4.49-1.1.aarch64", "openSUSE Tumbleweed:apache2-2.4.49-1.1.ppc64le", "openSUSE Tumbleweed:apache2-2.4.49-1.1.s390x", "openSUSE Tumbleweed:apache2-2.4.49-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-9517", }, ], }
ghsa-3h5q-3j8q-4rm9
Vulnerability from github
Published
2022-05-03 03:14
Modified
2022-05-03 03:14
Details
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
{ affected: [], aliases: [ "CVE-2005-3352", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2005-12-13T20:03:00Z", severity: "MODERATE", }, details: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", id: "GHSA-3h5q-3j8q-4rm9", modified: "2022-05-03T03:14:29Z", published: "2022-05-03T03:14:29Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2005-3352", }, { type: "WEB", url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, { type: "WEB", url: "http://docs.info.apple.com/article.html?artnum=307562", }, { type: "WEB", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { type: "WEB", url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { type: "WEB", url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { type: "WEB", url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { type: "WEB", url: "http://secunia.com/advisories/17319", }, { type: "WEB", url: "http://secunia.com/advisories/18008", }, { type: "WEB", url: "http://secunia.com/advisories/18333", }, { type: "WEB", url: "http://secunia.com/advisories/18339", }, { type: "WEB", url: "http://secunia.com/advisories/18340", }, { type: "WEB", url: "http://secunia.com/advisories/18429", }, { type: "WEB", url: "http://secunia.com/advisories/18517", }, { type: "WEB", url: "http://secunia.com/advisories/18526", }, { type: "WEB", url: "http://secunia.com/advisories/18585", }, { type: "WEB", url: "http://secunia.com/advisories/18743", }, { type: "WEB", url: "http://secunia.com/advisories/19012", }, { type: "WEB", url: "http://secunia.com/advisories/20046", }, { type: "WEB", url: "http://secunia.com/advisories/20670", }, { type: "WEB", url: "http://secunia.com/advisories/21744", }, { type: "WEB", url: "http://secunia.com/advisories/22140", }, { type: "WEB", url: "http://secunia.com/advisories/22368", }, { type: "WEB", url: "http://secunia.com/advisories/22388", }, { type: "WEB", url: "http://secunia.com/advisories/22669", }, { type: "WEB", url: "http://secunia.com/advisories/23260", }, { type: "WEB", url: "http://secunia.com/advisories/25239", }, { type: "WEB", url: "http://secunia.com/advisories/29420", }, { type: "WEB", url: "http://secunia.com/advisories/29849", }, { type: "WEB", url: "http://secunia.com/advisories/30430", }, { type: "WEB", url: "http://securitytracker.com/id?1015344", }, { type: "WEB", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { type: "WEB", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { type: "WEB", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { type: "WEB", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { type: "WEB", url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { type: "WEB", url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { type: "WEB", url: "http://www.debian.org/security/2006/dsa-1167", }, { type: "WEB", url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { type: "WEB", url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { type: "WEB", url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { type: "WEB", url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/bid/15834", }, { type: "WEB", url: "http://www.trustix.org/errata/2005/0074", }, { type: "WEB", url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { type: "WEB", url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2005/2870", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2006/2423", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2006/3995", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2006/4015", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2006/4300", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2006/4868", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { type: "WEB", url: "http://www.vupen.com/english/advisories/2008/1697", }, { type: "WEB", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, ], schema_version: "1.4.0", severity: [], }
fkie_cve-2005-3352
Vulnerability from fkie_nvd
Published
2005-12-13 20:03
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| apache | http_server | * | |
| apache | http_server | 2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "389EC30E-F3B0-46AF-8130-546886042780", versionEndExcluding: "1.3.35", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "6FAFA4DB-88A2-4F63-8E9D-17DAC2DD94E8", versionEndExcluding: "2.0.56", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", matchCriteriaId: "ACBC75F8-C1AF-45AE-91BA-5670EF2D0DCD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", }, { lang: "es", value: "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo mod_imap de Apache httpd anteriores a 1.3.35-dev y Apache httpd 2.0.x anteriores a 2.0.56-dev permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el Referente cuando se usan mapas de imágenes.", }, ], id: "CVE-2005-3352", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2005-12-13T20:03:00.000", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", "URL Repurposed", ], url: "http://secunia.com/advisories/17319", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18008", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18333", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18339", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18340", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18429", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18517", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18526", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18585", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18743", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/19012", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/20046", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/20670", }, { source: "secalert@redhat.com", tags: [ "Not Applicable", "Third Party Advisory", ], url: "http://secunia.com/advisories/21744", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22140", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22368", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22388", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22669", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/23260", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/25239", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29420", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29849", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/30430", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://securitytracker.com/id?1015344", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2006/dsa-1167", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/15834", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.trustix.org/errata/2005/0074/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2005/2870", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/2423", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/3995", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4015", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4300", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4868", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "http://issues.apache.org/bugzilla/show_bug.cgi?id=37874", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0159.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://rhn.redhat.com/errata/RHSA-2006-0692.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "URL Repurposed", ], url: "http://secunia.com/advisories/17319", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18008", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18339", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18340", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18429", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18526", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/18743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/19012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/20046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/20670", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Third Party Advisory", ], url: "http://secunia.com/advisories/21744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/22669", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/23260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/25239", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29420", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29849", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/30430", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://securitytracker.com/id?1015344", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2006/dsa-1167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/linux/security/advisories/2006_43_apache.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0158.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/425399/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/445206/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450315/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/450321/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/15834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.trustix.org/errata/2005/0074/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntulinux.org/usn/usn-241-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2005/2870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/2423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/3995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2006/4868", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1246/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480", }, ], sourceIdentifier: "secalert@redhat.com", vendorComments: [ { comment: "Fixed in Apache HTTP Server 2.2.2, 2.0.58, and 1.3.35: http://httpd.apache.org/security/vulnerabilities_22.html\nhttp://httpd.apache.org/security/vulnerabilities_20.html\nhttp://httpd.apache.org/security/vulnerabilities_13.html", lastModified: "2008-07-02T00:00:00", organization: "Apache", }, ], vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.