Test Kennung:	1.3.6.1.4.1.25623.1.0.805051
Kategorie:	Web Servers
Titel:	Jetty < 9.2.9.v20150224 Shared Buffers Information Leakage Vulnerability - Active Check
Zusammenfassung:	Jetty is prone to an information leakage vulnerability.
Beschreibung:	Summary: Jetty is prone to an information leakage vulnerability. Vulnerability Insight: The flaw is triggered when handling 400 errors in HTTP responses. This may allow a remote attacker to gain access to potentially sensitive information in the memory. Vulnerability Impact: Successful exploitation will allow remote attackers to obtain sensitive information that may aid in further attacks. Affected Software/OS: Jetty versions 9.2.3 to 9.2.8 and beta releases of 9.3.x. Solution: Update to version 9.2.9.v20150224 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2080 BugTraq ID: 72768 http://www.securityfocus.com/bid/72768 Bugtraq: 20150225 GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server (Google Search) http://www.securityfocus.com/archive/1/534755/100/1600/threaded http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151804.html http://seclists.org/fulldisclosure/2015/Mar/12 http://packetstormsecurity.com/files/130567/Jetty-9.2.8-Shared-Buffer-Leakage.html https://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00074.html http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00075.html http://www.securitytracker.com/id/1031800
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.