Test Kennung:	1.3.6.1.4.1.25623.1.0.103333
Kategorie:	Web Servers
Titel:	Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
Zusammenfassung:	Apache HTTP Server is prone to a local denial-of-service; vulnerability because of a NULL-pointer dereference error or a memory exhaustion.
Beschreibung:	Summary: Apache HTTP Server is prone to a local denial-of-service vulnerability because of a NULL-pointer dereference error or a memory exhaustion. Vulnerability Impact: Local attackers can exploit this issue to trigger a NULL-pointer dereference or memory exhaustion, and cause a server crash, denying service to legitimate users. Note: To trigger this issue, 'mod_setenvif' must be enabled and the attacker should be able to place a malicious '.htaccess' file on the affected webserver. Affected Software/OS: Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21 are vulnerable. Other versions may also be affected. Solution: Update to the most recent version of Apache HTTP Server. CVSS Score: 1.2 CVSS Vector: AV:L/AC:H/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4415 HPdes Security Advisory: HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPdes Security Advisory: SSRT100877 http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/ http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/DemoExploit.html
Copyright	Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.