 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.72008 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandriva Security Advisory MDVSA-2012:019 (apr) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to apr announced via advisory MDVSA-2012:019. A vulnerability has been found and corrected in ASF APR: tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table (CVE-2012-0840). APR has been upgraded to the latest version (1.4.6) which holds many improvments over the previous versions and is not vulnerable to this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:019 http://www.apache.org/dist/apr/CHANGES-APR-1.4 Risk factor : High |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-0840 http://www.mandriva.com/security/advisories?name=MDVSA-2012:019 http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD@eris.apache.org%3E http://www.mail-archive.com/dev%40apr.apache.org/msg24439.html http://www.mail-archive.com/dev%40apr.apache.org/msg24472.html http://www.mail-archive.com/dev%40apr.apache.org/msg24473.html http://openwall.com/lists/oss-security/2012/02/08/3 http://openwall.com/lists/oss-security/2012/02/09/1 http://secunia.com/advisories/47862 XForce ISS Database: apacheapr-hash-dos(73096) https://exchange.xforce.ibmcloud.com/vulnerabilities/73096 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |