Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.71143 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian Security Advisory DSA 2417-1 (libxml2) |
Zusammenfassung: | The remote host is missing an update to libxml2;announced via advisory DSA 2417-1. |
Beschreibung: | Summary: The remote host is missing an update to libxml2 announced via advisory DSA 2417-1. Vulnerability Insight: It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data, is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm, it is possible to craft input that creates a large amount of collisions. As a result it is possible to perform denial of service attacks against applications using libxml2 functionality because of the computational overhead. For the stable distribution (squeeze), this problem has been fixed in version 2.7.8.dfsg-2+squeeze3. For the testing (wheezy) and unstable (sid) distributions, this problem will be fixed soon. Solution: We recommend that you upgrade your libxml2 packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-0841 http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html BugTraq ID: 52107 http://www.securityfocus.com/bid/52107 Debian Security Information: DSA-2417 (Google Search) http://www.debian.org/security/2012/dsa-2417 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846 http://www.openwall.com/lists/oss-security/2012/02/22/1 RedHat Security Advisories: RHSA-2012:0324 http://rhn.redhat.com/errata/RHSA-2012-0324.html RedHat Security Advisories: RHSA-2013:0217 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://securitytracker.com/id?1026723 http://secunia.com/advisories/54886 http://secunia.com/advisories/55568 SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html |
Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |