Test Kennung:	1.3.6.1.4.1.25623.1.0.58918
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2007:0395
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2007:0395. Mod_perl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. An issue was found in the namespace_from_uri method of the ModPerl::RegistryCooker class. If a server implemented a mod_perl registry module using this method, a remote attacker requesting a carefully crafted URI can cause resource consumption, which could lead to a denial of service (CVE-2007-1349). Users of mod_perl should update to these erratum packages which contain a backported fix to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0395.html http://www.redhat.com/security/updates/classification/#low Risk factor : Medium CVSS Score: 4.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1349 BugTraq ID: 23192 http://www.securityfocus.com/bid/23192 http://security.gentoo.org/glsa/glsa-200705-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:083 http://www.gossamer-threads.com/lists/modperl/modperl/92739 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349 RedHat Security Advisories: RHSA-2007:0395 http://rhn.redhat.com/errata/RHSA-2007-0395.html http://www.redhat.com/support/errata/RHSA-2007-0396.html http://www.redhat.com/support/errata/RHSA-2007-0486.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://www.redhat.com/support/errata/RHSA-2008-0627.html RedHat Security Advisories: RHSA-2008:0630 http://rhn.redhat.com/errata/RHSA-2008-0630.html http://www.securitytracker.com/id?1018259 http://secunia.com/advisories/24678 http://secunia.com/advisories/24839 http://secunia.com/advisories/25072 http://secunia.com/advisories/25110 http://secunia.com/advisories/25432 http://secunia.com/advisories/25655 http://secunia.com/advisories/25730 http://secunia.com/advisories/25894 http://secunia.com/advisories/26084 http://secunia.com/advisories/26231 http://secunia.com/advisories/26290 http://secunia.com/advisories/31490 http://secunia.com/advisories/31493 http://secunia.com/advisories/33720 http://secunia.com/advisories/33723 SGI Security Advisory: 20070602-01-P ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1 SuSE Security Announcement: SUSE-SR:2007:008 (Google Search) http://www.novell.com/linux/security/advisories/2007_8_sr.html SuSE Security Announcement: SUSE-SR:2007:012 (Google Search) http://www.novell.com/linux/security/advisories/2007_12_sr.html http://www.trustix.org/errata/2007/0023/ http://www.ubuntu.com/usn/usn-488-1 http://www.vupen.com/english/advisories/2007/1150 XForce ISS Database: modperl-pathinfo-dos(33312) https://exchange.xforce.ibmcloud.com/vulnerabilities/33312
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.