Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.900222
Kategorie:Denial of Service
Titel:IBM HTTP Server mod_proxy Interim Responses DoS Vulnerability
Zusammenfassung:This host is running IBM HTTP Server, which is prone to Denial of; Service Vulnerability.
Beschreibung:Summary:
This host is running IBM HTTP Server, which is prone to Denial of
Service Vulnerability.

Vulnerability Insight:
Issue is due to an error in the ap_proxy_http_process_response()
function in mod_proxy_http.c in the mod_proxy module when processing large number of interim responses
to the client, which could consume all available memory resources.

Vulnerability Impact:
A remote/local user can cause denial of service.

Affected Software/OS:
IBM HTTP Server versions prior to 6.1.0.19.

Solution:
Update to Fix Pack 19.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: BugTraq ID: 29653
Common Vulnerability Exposure (CVE) ID: CVE-2008-2364
AIX APAR: PK67579
http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://www.securityfocus.com/bid/29653
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
Bugtraq: 20080729 rPSA-2008-0236-1 httpd mod_ssl (Google Search)
http://www.securityfocus.com/archive/1/494858/100/0/threaded
Bugtraq: 20081122 rPSA-2008-0328-1 httpd mod_ssl (Google Search)
http://www.securityfocus.com/archive/1/498567/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html
http://security.gentoo.org/glsa/glsa-200807-06.xml
HPdes Security Advisory: HPSBUX02365
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432
HPdes Security Advisory: HPSBUX02401
http://marc.info/?l=bugtraq&m=123376588623823&w=2
HPdes Security Advisory: HPSBUX02465
http://marc.info/?l=bugtraq&m=125631037611762&w=2
HPdes Security Advisory: SSRT080118
HPdes Security Advisory: SSRT090005
HPdes Security Advisory: SSRT090192
http://www.mandriva.com/security/advisories?name=MDVSA-2008:195
http://www.mandriva.com/security/advisories?name=MDVSA-2008:237
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577
http://www.redhat.com/support/errata/RHSA-2008-0966.html
RedHat Security Advisories: RHSA-2008:0967
http://rhn.redhat.com/errata/RHSA-2008-0967.html
http://www.securitytracker.com/id?1020267
http://secunia.com/advisories/30621
http://secunia.com/advisories/31026
http://secunia.com/advisories/31404
http://secunia.com/advisories/31416
http://secunia.com/advisories/31651
http://secunia.com/advisories/31904
http://secunia.com/advisories/32222
http://secunia.com/advisories/32685
http://secunia.com/advisories/32838
http://secunia.com/advisories/33156
http://secunia.com/advisories/33797
http://secunia.com/advisories/34219
http://secunia.com/advisories/34259
http://secunia.com/advisories/34418
http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1
SuSE Security Announcement: SUSE-SR:2009:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
http://www.ubuntu.com/usn/USN-731-1
http://www.vupen.com/english/advisories/2008/1798
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2009/0320
XForce ISS Database: apache-modproxy-module-dos(42987)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42987
CopyrightCopyright (C) 2008 SecPod

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.