 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.104915 |
| Categoría: | Denial of Service |
| Título: | Apache Commons Compress 1.22 < 1.24.0 DoS Vulnerability |
| Resumen: | The Apache Commons Compress library is prone to a denial of; service (DoS) vulnerability. |
| Descripción: | Summary: The Apache Commons Compress library is prone to a denial of service (DoS) vulnerability. Vulnerability Impact: A third party can create a malformed TAR file by manipulating file modification times headers, which when parsed with Apache Commons Compress, will cause a denial of service issue via CPU consumption. Affected Software/OS: Apache Commons FileUpload versions starting from 1.22 and prior to 1.24.0. Note: Only applications using CompressorStreamFactory class (with auto-detection of file types), TarArchiveInputStream and TarFile classes to parse TAR files are impacted. Since this code was introduced in v1.22, only that version and later versions are impacted. Solution: Update to version 1.24.0 or later. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-42503 https://lists.apache.org/thread/5xwcyr600mn074vgxq92tjssrchmc93c |
| Copyright | Copyright (C) 2023 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |