Does the admin server or admin console run a webserver?
On May 29, 2014 11:59 AM, "Noriko Hosoi" <nhosoi(a)redhat.com> wrote:
Sorry, I don't know what the tool does. You may want to ask the
tool's
provider the question.
Thanks.
John Trump wrote:
I am running RHEL 6. Why does the scan show the vulnerabilities on the
port that directory administration server is using?
On May 28, 2014 8:25 PM, "Noriko Hosoi" <nhosoi(a)redhat.com> wrote:
> Hello, as you mentioned, all of the CVEs are quite old (older than
> RHEL-6). For instance, the last one CVE-2009-1956 was fixed in
> apr-util-1.2.7-7.el5_3.1. As long as you use RHEL-6, the CVEs you listed
> are all fixed. Also, please note that the CVEs are all httpd related, not
> 389-ds.
>
> CVE:
> CVE-2008-0005
> CVE-2007-6388
> CVE-2007-6422
> CVE-2007-6420
> CVE-2007-5000
> CVE-2007-6421
> CVE-2008-1678
>
> CVE-2007-1862
> CVE-2007-3847
> CVE-2007-3304
> CVE-2006-5752
> CVE-2007-1863
>
> CVE-2009-1891
> CVE-2009-1955
> CVE-2009-1191
> CVE-2009-0023
> CVE-2009-1956
> CVE-2009-1195
> CVE-2009-1890
>
> John Trump wrote:
>
> I have a system running 389-ds that was scanned using retna. Retna showed
> vulnerabilities which are fairly old. Can anyone confirm that these were
> fixed. Only thing using port 9830 is the admin-serv. Below are the rpm
> versions I have installed and the CVE's retna supposidly detected.
>
> 389-adminutil-1.1.19-1.el6.x86_64
> 389-ds-console-doc-1.2.6-1.el6.noarch
> 389-admin-1.1.35-1.el6.x86_64
> 389-admin-console-1.1.8-5.fc19.noarch
> 389-console-1.1.7-1.el6.noarch
> 389-ds-1.2.2-1.el6.noarch
> 389-ds-base-libs-1.2.11.25-1.el6.x86_64
> 389-ds-base-1.2.11.25-1.el6.x86_64
> 389-dsgw-1.1.11-1.el6.x86_64
> 389-ds-console-1.2.6-1.el6.noarch
> 389-admin-console-doc-1.1.8-5.fc19.noarch
>
> Audit ID: 6310 Vul ID: N/A
> Risk Level: Medium
> Sev Code: Category II
> PCI Level: Medium (Fail) - CVSS Score
> CVSS Score: 5 [AV:N/AC:L/Au:N/C:N/I:N/A:P]
> BugTraq ID 27234,26838,27236,27237
> CVE: CVE-2008-0005,CVE-2007-6388,CVE-2007-6422,CVE-2007-64
> 20,CVE-2007-5000,CVE-2007-6421,CVE-2008-1678
> CCE: N/A
> Exploit: No
> IAV: N/A
> STIG:
> Context: TCP:9830
> Result: Success
> Tested Value: BR T WB Server:
>
> (Apache(\([[]^)]*\))?/((2\.((2(\.[[]0-7])?)|(0(\.([[]1-5]?[[]0-9]|6[[]0-2]))
>
> ?)|(1(\..*)?)))|(1\.((3(\.([[]1-3]?[[]0-9]|40))?)|([[]0-2](\..*)?)))|(0+\..*))
> ($|[[]^0-9.]([[]^(]*\([[]^R][[]^)]*\))*[[]^()]*$))
> Found Value: Server: Apache/2.2##Content-Length: 301##Connection:
> close##Content-Type: text/html;
> charset[=]iso-8859-1####<!DOCTYPE HTML PUBLIC
> "-//IETF//DTD HTML 2.0//EN">#<html><head>#<title>404
Not
> Found</title>#</head><body>#<h1>Not Found</h1>
> (truncated...)
>
> Audit ID: 6059 Vul ID: N/A
> Risk Level: Medium
> Sev Code: Category II
> PCI Level: Medium (Fail) - CVSS Score
> CVSS Score: 5 [AV:N/AC:L/Au:N/C:P/I:N/A:N]
> BugTraq ID 24215,24645,25489,24649,24553
> CVE: CVE-2007-1862,CVE-2007-3847,CVE-2007-3304,CVE-2006-57
> 52,CVE-2007-1863
> CCE: N/A
> Exploit: No
> IAV: N/A
> STIG:
> Context: TCP:9830
> Result: Success
> Tested Value: RR T WB
>
> (Apache(\([[]^)]*\))?/(2\.2(\.[[]0-5])?)($|[[]^0-9.]([[]^(]*\([[]^R][[]^)]*\)
> )*[[]^()]*$))
> Found Value: Apache/2.2
>
> Audit ID: 9820 Vul ID: N/A
> Risk Level: Medium
> Sev Code: Category II
> PCI Level: High (Fail) - CVSS Score
> CVSS Score: 7.8 [AV:N/AC:L/Au:N/C:N/I:N/A:C]
> BugTraq ID 35565,35253,35623,35251,34663,35221,35115
> CVE: CVE-2009-1891,CVE-2009-1955,CVE-2009-1191,CVE-2009-00
> 23,CVE-2009-1956,CVE-2009-1195,CVE-2009-1890
> CCE: N/A
> Exploit: Yes
> IAV: N/A
> STIG:
> Context: TCP:9830
> Result: Success
> Tested Value: APACHE(-ADVANCEDEXTRANETSERVER)?/2\.2(\.(1[[]01]|[[]0
> -9])(\.[[]0-9]+)*)?($|[[]^0-9.])
> Found Value: APACHE/2.2
>
>
>
>
> --
> 389 users mailing
list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
389 users mailing
list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users