Lösungen für Schwachstellen

Die regelmäßigen Schwachstellenüberprüfungen von Nimsoft Cloud Monitor suchen die folgende Schwachstelle. Auf der Überblickseite Lösungen für Schwachstellen können Sie die zuletzt hinzugefügten Lösungen für Schwachstellen, die von Nimsoft Cloud Monitor überprüft werden, einsehen.

Kategorie: Ubuntu Local Security Checks Risikofaktor: Medium Hinzugefügt am: 11 Mär 2010
Synopsis:

These remote packages are missing security patches :
- apache2
- apache2-common
- apache2-doc
- apache2-mpm-event - apache2-mpm-itk
- apache2-mpm-perchild - apache2-mpm-prefork
- apache2-mpm-worker - apache2-prefork-dev
- apache2-src
- apache2-suexec
- apache2-suexec-custom - apache2-threaded-dev
- apache2-utils
- apache2.2-bin
- apache2.2-common
- libapr0
- libapr0-dev

Description:

It was discovered that mod_proxy_ajp did not properly handle errors when a client doesn't send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. (CVE-2010-0408)

It was discovered that Apache did not properly handle headers in subrequests under certain conditions. A remote attacker could exploit this with a crafted request and possibly obtain sensitive information from previous requests. (CVE-2010-0434)

Solution:

Upgrade to :
- apache2-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-common-2.0.55-4ubuntu2.10 (Ubuntu 6.06) - apache2-doc-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-event-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-itk-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-perchild-2.2.8-1ubuntu0.15 (Ubuntu 8.04) - apache2-mpm-prefork-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-worker-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-prefork-dev-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-src-2.2.11-2ubuntu2.6 (Ubuntu 9
[...]

Risk factor:

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)