Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0065
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0065)
Zusammenfassung:	The remote host is missing an update for the 'varnish' package(s) announced via the MGASA-2014-0065 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'varnish' package(s) announced via the MGASA-2014-0065 advisory. Vulnerability Insight: Updated varnish packages fix security vulnerabilities: Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI (CVE-2013-4484). Also, the services have been converted from SysV init scripts to systemd- native services, which should allow for more consistent behavior. Affected Software/OS: 'varnish' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4484 20131030 [CVE-2013-4484] DoS vulnerability in Varnish HTTP cache http://archives.neohapsis.com/archives/bugtraq/2013-10/0158.html 55452 http://secunia.com/advisories/55452 55746 http://secunia.com/advisories/55746 DSA-2814 http://www.debian.org/security/2012/dsa-2814 [oss-security] 20131030 Re: CVE number needed for Varnish DoS, also heads-up http://www.openwall.com/lists/oss-security/2013/10/30/5 https://www.varnish-cache.org/trac/ticket/1367 openSUSE-SU-2013:1679 http://lists.opensuse.org/opensuse-updates/2013-11/msg00029.html openSUSE-SU-2013:1683 http://lists.opensuse.org/opensuse-updates/2013-11/msg00033.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.