Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.840667
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for apr USN-1134-1
Zusammenfassung:Ubuntu Update for Linux kernel vulnerabilities USN-1134-1
Beschreibung:Summary:
Ubuntu Update for Linux kernel vulnerabilities USN-1134-1

Vulnerability Insight:
Maksymilian Arciemowicz reported that a flaw in the fnmatch()
implementation in the Apache Portable Runtime (APR) library could allow
an attacker to cause a denial of service. This can be demonstrated
in a remote denial of service attack against mod_autoindex in the
Apache web server. (CVE-2011-0419)

Is was discovered that the fix for CVE-2011-0419 introduced a different
flaw in the fnmatch() implementation that could also result in a
denial of service. (CVE-2011-1928)

Affected Software/OS:
apr on Ubuntu 11.04,
Ubuntu 10.10,
Ubuntu 10.04 LTS,
Ubuntu 8.04 LTS,
Ubuntu 6.06 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-0419
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
Debian Security Information: DSA-2237 (Google Search)
http://www.debian.org/security/2011/dsa-2237
HPdes Security Advisory: HPSBMU02704
http://marc.info/?l=bugtraq&m=132033751509019&w=2
HPdes Security Advisory: HPSBOV02822
http://marc.info/?l=bugtraq&m=134987041210674&w=2
HPdes Security Advisory: HPSBUX02702
http://marc.info/?l=bugtraq&m=131551295528105&w=2
HPdes Security Advisory: HPSBUX02707
http://marc.info/?l=bugtraq&m=131731002122529&w=2
HPdes Security Advisory: SSRT100606
HPdes Security Advisory: SSRT100619
HPdes Security Advisory: SSRT100626
HPdes Security Advisory: SSRT100966
http://www.mandriva.com/security/advisories?name=MDVSA-2011:084
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://cxib.net/stuff/apache.fnmatch.phps
http://cxib.net/stuff/apr_fnmatch.txts
http://www.mail-archive.com/dev@apr.apache.org/msg23961.html
http://www.mail-archive.com/dev@apr.apache.org/msg23960.html
http://www.mail-archive.com/dev@apr.apache.org/msg23976.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804
http://www.redhat.com/support/errata/RHSA-2011-0507.html
http://www.redhat.com/support/errata/RHSA-2011-0896.html
http://www.redhat.com/support/errata/RHSA-2011-0897.html
http://securitytracker.com/id?1025527
http://secunia.com/advisories/44490
http://secunia.com/advisories/44564
http://secunia.com/advisories/44574
http://secunia.com/advisories/48308
http://securityreason.com/securityalert/8246
http://securityreason.com/achievement_securityalert/98
SuSE Security Announcement: SUSE-SU-2011:1229 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1928
http://www.mandriva.com/security/advisories?name=MDVSA-2011:095
http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403@apache.org%3E
http://openwall.com/lists/oss-security/2011/05/19/5
http://openwall.com/lists/oss-security/2011/05/19/10
http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3c4DD55076.1060005@apache.org%3e
http://www.redhat.com/support/errata/RHSA-2011-0844.html
http://secunia.com/advisories/44558
http://secunia.com/advisories/44613
http://secunia.com/advisories/44661
http://secunia.com/advisories/44780
http://www.vupen.com/english/advisories/2011/1289
http://www.vupen.com/english/advisories/2011/1290
CopyrightCopyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.