Solutions de vulnérabilité

L'analyse périodique de vulnérabilité Nimsoft Cloud Monitor vérifie la vulnérabilité ci-dessous. Pour connaître les solutions de vulnérabilité les plus récemment ajoutées analysées par WatchMouse, rendez-vous sur la vue d'ensemble Solutions de vulnérabilité

Catégorie: Gentoo Local Security Checks Facteur de risque: Medium Ajouté: 3 juil. 2009
Synopsis:

The remote host is missing the GLSA-200907-02 security update.

Description:

The remote host is affected by the vulnerability described in GLSA-200907-02 (ModSecurity: Denial of Service)


Multiple vulnerabilities were discovered in ModSecurity: Juan Galiana Lara of ISecAuditors discovered a NULL pointer dereference when processing multipart requests without a part header name (CVE-2009-1902).
Steve Grubb of Red Hat reported that the
"PDF XSS protection" feature does not properly handle HTTP requests to a PDF file that do not use the GET method (CVE-2009-1903).

Impact

A remote attacker might send requests containing specially crafted multipart data or send certain requests to access a PDF file, possibly resulting in a Denial of Service (crash) of the Apache HTTP daemon.
NOTE: The PDF XSS protection is not enabled by default.

Workaround

There is no known workaround at this time.

See also:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1903
http://www.gentoo.org/security/en/glsa/glsa-200907-02.xml

Solution:

All ModSecurity users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apache/mod_security-2.5.9"

Risk factor:

Medium