 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.802139 |
| Kategorie: | Web Servers |
| Titel: | Mongoose Web Server Remote Buffer Overflow Vulnerability |
| Zusammenfassung: | Mongoose Web Server is prone to a remote buffer overflow; vulnerability. |
| Beschreibung: | Summary: Mongoose Web Server is prone to a remote buffer overflow vulnerability. Vulnerability Insight: The flaw is due to an error in the 'put_dir()' function (mongoose.c) when processing HTTP PUT web requests. This can be exploited to cause an assertion error or a stack-based buffer overflow. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Affected Software/OS: Mongoose Web Server version 3.0. Solution: Apply the patch from the referenced advisory. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2900 45464 http://secunia.com/advisories/45464 45902 http://secunia.com/advisories/45902 48980 http://www.securityfocus.com/bid/48980 8337 http://securityreason.com/securityalert/8337 FEDORA-2011-11636 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065273.html FEDORA-2011-11823 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065505.html FEDORA-2011-11825 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065537.html [oss-security] 20110803 CVE id request: shttpd/mongoose/yassl embedded webserver http://www.openwall.com/lists/oss-security/2011/08/03/5 [oss-security] 20110803 Re: CVE id request: shttpd/mongoose/yassl embedded webserver http://www.openwall.com/lists/oss-security/2011/08/03/9 https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0 mongoose-put-bo(68991) https://exchange.xforce.ibmcloud.com/vulnerabilities/68991 |
| Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |