• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Focus On: Vista
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns

• info
• discussion
• exploit
• solution
• references

Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability

Solution:
Apache 2.0.43 is not vulnerable to this issue:

HP has released a security bulletin. Customers of HP-UX are advised to download Apache 2.0.43.00 product bundles from:

http://www.software.hp.com/ISS_products_list.html

HP has advised NNM (Network Node Manager) customers to refrain from installing these product bundles. Further details are available in the referenced advisory.

Fixes available:


HP HP-UX 11.0

• HP Apache 2.0.43.00
  http://www.software.hp.com/ISS_products_list.html

HP HP-UX 11.11

• HP Apache 2.0.43.00
  http://www.software.hp.com/ISS_products_list.html

HP HP-UX 11.20

• HP Apache 2.0.43.00
  http://www.software.hp.com/ISS_products_list.html

HP HP-UX 11.22

• HP Apache 2.0.43.00
  http://www.software.hp.com/ISS_products_list.html

Apache Software Foundation Apache 2.0

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.35

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.36

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.37

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.38

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.39

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.40

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.41

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

Apache Software Foundation Apache 2.0.42

• Apache Software Foundation Apache httpd 2.0.43
  http://www.apache.org/dist/httpd/

HP VirtualVault 4.5

• HP PHSS_28098
  s700_800 11.04 Virtualvault 4.5 OWS update
  http://itrc.hp.com/


• HP PHSS_28111
  s700_800 11.04 Virtualvault 4.5 IWS Update
  http://itrc.hp.com/

HP VirtualVault 4.6

• HP PHSS_28090
  s700_800 11.04 Virtualvault 4.6 IWS update
  http://itrc.hp.com/


• HP PHSS_28099
  s700_800 11.04 Virtualvault 4.6 OWS update
  http://itrc.hp.com/

HP OpenView Network Node Manager 6.2 Solaris

• HP PSOV_03251
  http://ovweb.external.hp.com/cpe/patches/

HP OpenView Network Node Manager 6.2 HP-UX 11.X

• HP PHSS_28705
  http://ovweb.external.hp.com/cpe/patches/

HP OpenView Network Node Manager 6.2 HP-UX 10.X

• HP PHSS_28704
  http://ovweb.external.hp.com/cpe/patches/