Soluções para vulnerabilidades

O Exame Periódico de Vulnerabilidade do Nimsoft Cloud Monitor verifica a vulnerabilidade abaixo. Para ver as soluções para vulneralidades adicionadas mais recentemente que são examinadas pelo WatchMouse, acesse a visão geral das Soluções para vulnerabilidades

Categoria: Mandriva Local Security Checks Fator de risco: High Adicionado: 8 Mar 2010
Synopsis:

The remote host is missing the patch for the advisory MDVSA-2010:057 (apache).

Description:

A vulnerabilitiy has been found and corrected in apache: The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request (CVE-2010-0434).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.

See also:

http://wwwnew.mandriva.com/security/advisories?name=MDVSA-2010:057

Solution:

Apply the newest security patches from Mandriva.

Risk factor:

High