Test Kennung:	1.3.6.1.4.1.25623.1.0.108625
Kategorie:	Denial of Service
Titel:	Apache Struts DoS Vulnerability (S2-051) - Linux
Zusammenfassung:	Apache Struts is prone to a Denial of Service (DoS); vulnerability in the Struts REST plugin.;; This VT has been deprecated and merged into the VT 'Apache Struts DoS Vulnerability (S2-051)'; (OID: 1.3.6.1.4.1.25623.1.0.108624).
Beschreibung:	Summary: Apache Struts is prone to a Denial of Service (DoS) vulnerability in the Struts REST plugin. This VT has been deprecated and merged into the VT 'Apache Struts DoS Vulnerability (S2-051)' (OID: 1.3.6.1.4.1.25623.1.0.108624). Vulnerability Insight: The REST Plugin is using outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload. Vulnerability Impact: An attacker can exploit this issue to cause a DoS condition, denying service to legitimate users. Affected Software/OS: Apache Struts 2.1.6 through 2.3.33 and 2.5 through 2.5.12. Solution: Update to version 2.3.34, 2.5.13 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9793 BugTraq ID: 100611 http://www.securityfocus.com/bid/100611 Cisco Security Advisory: 20170907 Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 http://www.securitytracker.com/id/1039262
Copyright	Copyright (C) 2019 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.