[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#705830: apache2: Apache Range Exploit Detector

Package: apache2.2-common
Version: 2.2.16-6+squeeze11
Severity: normal

Hello, I discover this site:


and apache 2.2.16 is vulnerable to this type of attack.



-- Package-specific info:
List of enabled modules from 'apache2 -M':
  actions* alias auth_basic authn_file authz_default authz_groupfile
  authz_host authz_user autoindex cgi deflate dir env mime
  negotiation php5 reqtimeout rewrite setenvif ssl status
  (A * means that the .conf file for that module is not enabled in
List of enabled php5 extensions:
  curl gd gmp imagick mcrypt mysql mysqli pdo pdo_mysql pdo_sqlite
  pspell recode snmp sqlite sqlite3 suhosin

-- System Information:
Debian Release: 6.0.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages apache2 depends on:
ii  apache2-mpm-prefork   2.2.16-6+squeeze11 Apache HTTP Server - traditional n
ii  apache2.2-common      2.2.16-6+squeeze11 Apache HTTP Server common files

apache2 recommends no packages.

apache2 suggests no packages.

Versions of packages apache2.2-common depends on:
ii  apache2-utils         2.2.16-6+squeeze11 utility programs for webservers
ii  apache2.2-bin         2.2.16-6+squeeze11 Apache HTTP Server common binary f
ii  libmagic1             5.04-5+squeeze2    File type determination library us
ii  lsb-base              3.2-23.2squeeze1   Linux Standard Base 3.2 init scrip
ii  mime-support          3.48-1             MIME files 'mime.types' & 'mailcap
ii  perl                  5.10.1-17squeeze6  Larry Wall's Practical Extraction 
ii  procps                1:3.2.8-9squeeze1  /proc file system utilities

-- no debconf information

Reply to: