ID de Prueba:	1.3.6.1.4.1.25623.1.0.803743
Categoría:	Web Servers
Título:	Apache HTTP Server 'mod_dav_svn' Denial of Service Vulnerability (Windows)
Resumen:	Apache HTTP Server is prone to a denial of service vulnerability.
Descripción:	Summary: Apache HTTP Server is prone to a denial of service vulnerability. Vulnerability Insight: The flaw is due to an error in 'mod_dav.c', It does not properly determine whether DAV is enabled for a URI. Vulnerability Impact: Successful exploitation will allow remote attacker to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module. Affected Software/OS: Apache HTTP Server version before 2.2.25. Solution: Update to Apache HTTP Server 2.2.25 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	BugTraq ID: 61129 Common Vulnerability Exposure (CVE) ID: CVE-2013-1896 http://www.securityfocus.com/bid/61129 Cisco Security Advisory: 20130822 Apache HTTP Server MERGE Request Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896 HPdes Security Advisory: HPSBUX02927 https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken HPdes Security Advisory: SSRT101288 https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747 RedHat Security Advisories: RHSA-2013:1156 http://rhn.redhat.com/errata/RHSA-2013-1156.html RedHat Security Advisories: RHSA-2013:1207 http://rhn.redhat.com/errata/RHSA-2013-1207.html RedHat Security Advisories: RHSA-2013:1208 http://rhn.redhat.com/errata/RHSA-2013-1208.html RedHat Security Advisories: RHSA-2013:1209 http://rhn.redhat.com/errata/RHSA-2013-1209.html http://secunia.com/advisories/55032 SuSE Security Announcement: openSUSE-SU-2013:1337 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html SuSE Security Announcement: openSUSE-SU-2013:1340 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html SuSE Security Announcement: openSUSE-SU-2013:1341 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html http://www.ubuntu.com/usn/USN-1903-1
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.