Test Kennung:	1.3.6.1.4.1.25623.1.0.120135
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2013-189)
Zusammenfassung:	The remote host is missing an update announced via the referenced Security Advisory.
Beschreibung:	Summary: The remote host is missing an update announced via the referenced Security Advisory. Vulnerability Insight: http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028 . Solution: Run yum update nginx to update your system. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2070 BugTraq ID: 59824 http://www.securityfocus.com/bid/59824 Debian Security Information: DSA-2721 (Google Search) http://www.debian.org/security/2013/dsa-2721 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html http://security.gentoo.org/glsa/glsa-201310-04.xml http://nginx.org/download/patch.2013.proxy.txt https://bugzilla.redhat.com/show_bug.cgi?id=962525 http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html http://seclists.org/oss-sec/2013/q2/291 http://www.openwall.com/lists/oss-security/2013/05/13/3 http://secunia.com/advisories/55181 XForce ISS Database: nginx-cve20132070-dos(84172) https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
Copyright	Copyright (C) 2015 Eero Volotinen

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.