Soluciones para vulnerabilidades
 |
exploraciones de últimos 7 días |
| La exploración de vulnerabilidades periódica de Nimsoft Cloud Monitor busca la vulnerabilidad siguiente. Para ver las soluciones añadidas más recientemente que Nimsoft Cloud Monitor explora, visite Soluciones para vulnerabilidades. |
| Categoría: Ubuntu Local Security Checks | Factor de riesgo: Medium | Añadido: 11 mar 2010 |
| Synopsis: These remote packages are missing security patches : - apache2 - apache2-common - apache2-doc - apache2-mpm-event - apache2-mpm-itk - apache2-mpm-perchild - apache2-mpm-prefork - apache2-mpm-worker - apache2-prefork-dev - apache2-src - apache2-suexec - apache2-suexec-custom - apache2-threaded-dev - apache2-utils - apache2.2-bin - apache2.2-common - libapr0 - libapr0-dev Description: It was discovered that mod_proxy_ajp did not properly handle errors when a client doesn't send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. (CVE-2010-0408) It was discovered that Apache did not properly handle headers in subrequests under certain conditions. A remote attacker could exploit this with a crafted request and possibly obtain sensitive information from previous requests. (CVE-2010-0434) Solution: Upgrade to : - apache2-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-common-2.0.55-4ubuntu2.10 (Ubuntu 6.06) - apache2-doc-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-event-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-itk-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-perchild-2.2.8-1ubuntu0.15 (Ubuntu 8.04) - apache2-mpm-prefork-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-mpm-worker-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-prefork-dev-2.2.12-1ubuntu2.2 (Ubuntu 9.10) - apache2-src-2.2.11-2ubuntu2.6 (Ubuntu 9 [...] Risk factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) |
||
