Test Kennung:	1.3.6.1.4.1.25623.1.0.70253
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: apache, apache-event, apache-itk, apache-peruser, apache-worker
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: apache apache-event apache-itk apache-peruser apache-worker CVE-2011-3192 The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3192 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html BugTraq ID: 49303 http://www.securityfocus.com/bid/49303 CERT/CC vulnerability note: VU#405811 http://www.kb.cert.org/vuls/id/405811 Cisco Security Advisory: 20110830 Apache HTTPd Range Header Denial of Service Vulnerability http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml http://www.exploit-db.com/exploits/17696 http://seclists.org/fulldisclosure/2011/Aug/175 http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html HPdes Security Advisory: HPSBMU02704 http://marc.info/?l=bugtraq&m=132033751509019&w=2 HPdes Security Advisory: HPSBMU02766 http://marc.info/?l=bugtraq&m=133477473521382&w=2 HPdes Security Advisory: HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 HPdes Security Advisory: HPSBOV02822 http://marc.info/?l=bugtraq&m=134987041210674&w=2 HPdes Security Advisory: HPSBUX02702 http://marc.info/?l=bugtraq&m=131551295528105&w=2 HPdes Security Advisory: HPSBUX02707 http://marc.info/?l=bugtraq&m=131731002122529&w=2 HPdes Security Advisory: SSRT100606 HPdes Security Advisory: SSRT100619 HPdes Security Advisory: SSRT100624 HPdes Security Advisory: SSRT100626 HPdes Security Advisory: SSRT100852 HPdes Security Advisory: SSRT100966 http://www.mandriva.com/security/advisories?name=MDVSA-2011:130 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@minotaur.apache.org%3e http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E http://osvdb.org/74721 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827 http://www.redhat.com/support/errata/RHSA-2011-1245.html http://www.redhat.com/support/errata/RHSA-2011-1294.html http://www.redhat.com/support/errata/RHSA-2011-1300.html http://www.redhat.com/support/errata/RHSA-2011-1329.html http://www.redhat.com/support/errata/RHSA-2011-1330.html http://www.redhat.com/support/errata/RHSA-2011-1369.html http://securitytracker.com/id?1025960 http://secunia.com/advisories/45606 http://secunia.com/advisories/45937 http://secunia.com/advisories/46000 http://secunia.com/advisories/46125 http://secunia.com/advisories/46126 SuSE Security Announcement: SUSE-SU-2011:1000 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html SuSE Security Announcement: SUSE-SU-2011:1007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html SuSE Security Announcement: SUSE-SU-2011:1010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html SuSE Security Announcement: SUSE-SU-2011:1216 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html SuSE Security Announcement: SUSE-SU-2011:1229 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html SuSE Security Announcement: openSUSE-SU-2011:0993 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html http://www.ubuntu.com/usn/USN-1199-1 XForce ISS Database: apache-http-byterange-dos(69396) https://exchange.xforce.ibmcloud.com/vulnerabilities/69396
Copyright	Copyright (C) 2011 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.