Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2011:0844
The remote host is missing updates announced in
advisory RHSA-2011:0844.

The Apache Portable Runtime (APR) is a portability library used by the
Apache HTTP Server and other projects. It provides a free library of C data
structures and routines.

The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an
infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME
matching flag was used. A remote attacker could possibly use this flaw to
cause a denial of service on an application using the apr_fnmatch()
function. (CVE-2011-1928)

Note: This problem affected httpd configurations using the Location
directive with wildcard URLs. The denial of service could have been
triggered during normal operation
it did not specifically require a
malicious HTTP request.

This update also addresses additional problems introduced by the rewrite of
the apr_fnmatch() function, which was necessary to address the
CVE-2011-0419 flaw.

All apr users should upgrade to these updated packages, which contain a
backported patch to correct this issue. Applications using the apr library,
such as httpd, must be restarted for this update to take effect.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Medium

CVSS Score:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1928
HPdes Security Advisory: HPSBOV02822
HPdes Security Advisory: SSRT100966
SuSE Security Announcement: SUSE-SU-2011:1229 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-0419
Debian Security Information: DSA-2237 (Google Search)
HPdes Security Advisory: HPSBMU02704
HPdes Security Advisory: HPSBUX02702
HPdes Security Advisory: HPSBUX02707
HPdes Security Advisory: SSRT100606
HPdes Security Advisory: SSRT100619
HPdes Security Advisory: SSRT100626
CopyrightCopyright (c) 2011 E-Soft Inc.

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.