Vulnerability Solutions
 |
added scans last 7 days |
| The Nimsoft Cloud Monitor Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview |
| Category: Ubuntu Local Security Checks | Risk factor: Medium | Added: 11 Mar 2010 |
| Synopsis: These remote packages are missing security patches : - apache2 - apache2-common - apache2-doc - apache2-mpm-event - apache2-mpm-itk - apache2-mpm-perchild - apache2-mpm-prefork - apache2-mpm-worker - apache2-prefork-dev - apache2-src - apache2-suexec - apache2-suexec-custom - apache2-threaded-dev - apache2-utils - apache2.2-bin - apache2.2-common - libapr0 - libapr0-dev Description: It was discovered that mod_proxy_ajp did not properly handle errors when a client doesn't send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. (CVE-2010-0408) It was discovered that Apache did not properly handle headers in subrequests under certain conditions. A remote attacker could exploit this with a crafted request and possibly obtain sensitive information from previous requests. (CVE-2010-0434) Solution: Upgrade to : - apache2-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-common-2.0.55-4ubuntu2.10 (Ubuntu 6.06) - apache2-doc-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-event-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-itk-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-perchild-2.2.8-1ubuntu0.15 (Ubuntu 8.04) - apache2-mpm-prefork-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-worker-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-prefork-dev-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-src-2.2.11-2ubuntu2.6 (Ubuntu 9 [...] Risk factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) |
||
