Sårbarhetslösningar
 |
tillagda skanningar de senaste 7 dagarna |
| Nimsoft Cloud Monitor periodiska sårbarhetsskanning kontrollerar sårbarheten nedan. Om du vill se de senasta sårbarhetslösningarna som skannas av Nimsoft Cloud Monitor kan du gå till översikten med sårbarhetslösningar |
| Kategori: Web Servers | Riskfaktor: Critical | Tillagt: 9 mar 2010 |
| Synopsis: The remote web server is affected by multiple vulnerabilities Description: According to its banner, the version of Apache 2.2 installed on the remote host is older than 2.2.15. Such versions are potentially affected by multiple vulnerabilities : - A TLS renegotiation prefix injection attack is possible. (CVE-2009-3555) - The 'mod_proxy_ajp' module returns the wrong status code if it encounters an error which causes the back-end server to be put into an error state. (CVE-2010-0408) - The 'mod_isapi' attempts to unload the 'ISAPI.dll' when it encounters various error states which could leave call-backs in an undefined state. (CVE-2010-0425) - A flaw in the core sub-request process code can lead to sensitive information from a request being handled by the wrong thread if a multi-threaded environment is used. (CVE-2010-0434) See also: http://httpd.apache.org/security/vulnerabilities_22.html https://issues.apache.org/bugzilla/show_bug.cgi?id=48359 http://www.apache.org/dist/httpd/CHANGES_2.2.15 Solution: Upgrade to Apache version 2.2.15 or later. Risk factor: Critical / CVSS Base Score : 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C) |
||
