 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.64695 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandrake Security Advisory MDVSA-2009:223 (xerces-c) |
| Zusammenfassung: | The remote host is missing an update to xerces-c;announced via advisory MDVSA-2009:223. |
| Beschreibung: | Summary: The remote host is missing an update to xerces-c announced via advisory MDVSA-2009:223. Vulnerability Insight: A vulnerability has been found and corrected in xerces-c: Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework (CVE-2009-1885). This update provides a solution to this vulnerability. Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-1885 35986 http://www.securityfocus.com/bid/35986 36201 http://secunia.com/advisories/36201 ADV-2009-2196 http://www.vupen.com/english/advisories/2009/2196 FEDORA-2009-8305 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01001.html FEDORA-2009-8332 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01150.html FEDORA-2009-8345 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01136.html FEDORA-2009-8350 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01099.html MDVSA-2009:223 http://www.mandriva.com/security/advisories?name=MDVSA-2009:223 http://svn.apache.org/viewvc/xerces/c/trunk/src/xercesc/validators/DTD/DTDScanner.cpp?r1=781488&r2=781487&pathrev=781488&view=patch http://svn.apache.org/viewvc?view=rev&revision=781488 http://www.cert.fi/en/reports/2009/vulnerability2009085.html http://www.codenomicon.com/labs/xml/ http://www.networkworld.com/columnists/2009/080509-xml-flaw.html https://bugzilla.redhat.com/show_bug.cgi?id=515515 xerces-c-dtd-dos(52321) https://exchange.xforce.ibmcloud.com/vulnerabilities/52321 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |