[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] Re: SSH and Apache warnings Nessus



On Mon, Oct 06, 2003 at 08:09:37AM +0100, Hollweg, Daniel wrote:
> I have two problems with a new installed SuSe Linux Professional 8.2.
> All current patches are applied. Wehn I am scanning the box with the 
> nessus I get the following warnings:
> 
> - 	You are running a version of OpenSSH which is older than 3.7.1
> 
> - 	You are running OpenSSH-portable 3.6.1p1 or older.

If possible SuSE applies fixes to software versions originally delivered
with some SuSE distribution. Therefore upgrading to the newest
versions is not neccessary.


> Is this O.K. and just an Nessus Problem with the SuSe version of 
> SSH?

Yes


> - 	The remote HTTP server allows an attacker to read arbitrary files
> 	on the remote web server, simply by adding a slash in front of its name. 
> 	Example: GET //etc/passwd will return /etc/passwd.

There has been a vulnerability in mod_rewrite, but it should be no
problem using apache installed with SuSE 8.2.
http://www.apacheweek.com/issues/00-09-22

> I already installed the newest SuSe Apache 1.3 package. Where is the problem?
> Amazing is that the GET request does not return the whole passwd but only two 
> lines.

Is this just some nessus information or did you reproduce the
problem?


-- 
Stefan Tichy <listuser@xxxxxxxxx>

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here