In /etc/dirsrv/admin-serv there is a httpd.conf file. Does the admin-serv use the httpd system rpm or does it use a http server distributed with the admin-serv rpm? If it is distributed with the admin-serv rpm than I would say the scan is saying that the vulnerabilities exist in that http server. The httpd rpm installed on the system is the latest httpd-2.2.15-30
On Thu, May 29, 2014 at 12:28 PM, Noriko Hosoi <[email protected]> wrote: > John Trump wrote: > > Does the admin server or admin console run a webserver? > > Yes, the admin server depends upon httpd. > > On May 29, 2014 11:59 AM, "Noriko Hosoi" <[email protected]> wrote: > >> Sorry, I don't know what the tool does. You may want to ask the tool's >> provider the question. >> Thanks. >> >> John Trump wrote: >> >> I am running RHEL 6. Why does the scan show the vulnerabilities on the >> port that directory administration server is using? >> On May 28, 2014 8:25 PM, "Noriko Hosoi" <[email protected]> wrote: >> >>> Hello, as you mentioned, all of the CVEs are quite old (older than >>> RHEL-6). For instance, the last one CVE-2009-1956 was fixed in >>> apr-util-1.2.7-7.el5_3.1. As long as you use RHEL-6, the CVEs you listed >>> are all fixed. Also, please note that the CVEs are all httpd related, not >>> 389-ds. >>> >>> CVE: >>> CVE-2008-0005 >>> CVE-2007-6388 >>> CVE-2007-6422 >>> CVE-2007-6420 >>> CVE-2007-5000 >>> CVE-2007-6421 >>> CVE-2008-1678 >>> >>> CVE-2007-1862 >>> CVE-2007-3847 >>> CVE-2007-3304 >>> CVE-2006-5752 >>> CVE-2007-1863 >>> >>> CVE-2009-1891 >>> CVE-2009-1955 >>> CVE-2009-1191 >>> CVE-2009-0023 >>> CVE-2009-1956 >>> CVE-2009-1195 >>> CVE-2009-1890 >>> >>> John Trump wrote: >>> >>> I have a system running 389-ds that was scanned using retna. Retna >>> showed vulnerabilities which are fairly old. Can anyone confirm that these >>> were fixed. Only thing using port 9830 is the admin-serv. Below are the rpm >>> versions I have installed and the CVE's retna supposidly detected. >>> >>> 389-adminutil-1.1.19-1.el6.x86_64 >>> 389-ds-console-doc-1.2.6-1.el6.noarch >>> 389-admin-1.1.35-1.el6.x86_64 >>> 389-admin-console-1.1.8-5.fc19.noarch >>> 389-console-1.1.7-1.el6.noarch >>> 389-ds-1.2.2-1.el6.noarch >>> 389-ds-base-libs-1.2.11.25-1.el6.x86_64 >>> 389-ds-base-1.2.11.25-1.el6.x86_64 >>> 389-dsgw-1.1.11-1.el6.x86_64 >>> 389-ds-console-1.2.6-1.el6.noarch >>> 389-admin-console-doc-1.1.8-5.fc19.noarch >>> >>> Audit ID: 6310 Vul ID: N/A >>> Risk Level: Medium >>> Sev Code: Category II >>> PCI Level: Medium (Fail) - CVSS Score >>> CVSS Score: 5 [AV:N/AC:L/Au:N/C:N/I:N/A:P] >>> BugTraq ID 27234,26838,27236,27237 >>> CVE: CVE-2008-0005,CVE-2007-6388,CVE-2007-6422,CVE-2007-64 >>> 20,CVE-2007-5000,CVE-2007-6421,CVE-2008-1678 >>> CCE: N/A >>> Exploit: No >>> IAV: N/A >>> STIG: >>> Context: TCP:9830 >>> Result: Success >>> Tested Value: BR T WB Server: >>> >>> (Apache(\([[]^)]*\))?/((2\.((2(\.[[]0-7])?)|(0(\.([[]1-5]?[[]0-9]|6[[]0-2])) >>> >>> ?)|(1(\..*)?)))|(1\.((3(\.([[]1-3]?[[]0-9]|40))?)|([[]0-2](\..*)?)))|(0+\..*)) >>> ($|[[]^0-9.]([[]^(]*\([[]^R][[]^)]*\))*[[]^()]*$)) >>> Found Value: Server: Apache/2.2##Content-Length: 301##Connection: >>> close##Content-Type: text/html; >>> charset[=]iso-8859-1####<!DOCTYPE HTML PUBLIC >>> "-//IETF//DTD HTML 2.0//EN">#<html><head>#<title>404 Not >>> Found</title>#</head><body>#<h1>Not Found</h1> >>> (truncated...) >>> >>> Audit ID: 6059 Vul ID: N/A >>> Risk Level: Medium >>> Sev Code: Category II >>> PCI Level: Medium (Fail) - CVSS Score >>> CVSS Score: 5 [AV:N/AC:L/Au:N/C:P/I:N/A:N] >>> BugTraq ID 24215,24645,25489,24649,24553 >>> CVE: CVE-2007-1862,CVE-2007-3847,CVE-2007-3304,CVE-2006-57 >>> 52,CVE-2007-1863 >>> CCE: N/A >>> Exploit: No >>> IAV: N/A >>> STIG: >>> Context: TCP:9830 >>> Result: Success >>> Tested Value: RR T WB >>> >>> (Apache(\([[]^)]*\))?/(2\.2(\.[[]0-5])?)($|[[]^0-9.]([[]^(]*\([[]^R][[]^)]*\) >>> )*[[]^()]*$)) >>> Found Value: Apache/2.2 >>> >>> Audit ID: 9820 Vul ID: N/A >>> Risk Level: Medium >>> Sev Code: Category II >>> PCI Level: High (Fail) - CVSS Score >>> CVSS Score: 7.8 [AV:N/AC:L/Au:N/C:N/I:N/A:C] >>> BugTraq ID 35565,35253,35623,35251,34663,35221,35115 >>> CVE: CVE-2009-1891,CVE-2009-1955,CVE-2009-1191,CVE-2009-00 >>> 23,CVE-2009-1956,CVE-2009-1195,CVE-2009-1890 >>> CCE: N/A >>> Exploit: Yes >>> IAV: N/A >>> STIG: >>> Context: TCP:9830 >>> Result: Success >>> Tested Value: APACHE(-ADVANCEDEXTRANETSERVER)?/2\.2(\.(1[[]01]|[[]0 >>> -9])(\.[[]0-9]+)*)?($|[[]^0-9.]) >>> Found Value: APACHE/2.2 >>> >>> >>> >>> >>> -- >>> 389 users mailing >>> [email protected]https://admin.fedoraproject.org/mailman/listinfo/389-users >>> >>> >>> >>> -- >>> 389 users mailing list >>> [email protected] >>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>> >> >> >> -- >> 389 users mailing >> [email protected]https://admin.fedoraproject.org/mailman/listinfo/389-users >> >> >> >> -- >> 389 users mailing list >> [email protected] >> https://admin.fedoraproject.org/mailman/listinfo/389-users >> > > > -- > 389 users mailing > [email protected]https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > -- > 389 users mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/389-users >
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
