ID de Prueba:	1.3.6.1.4.1.25623.1.0.107117
Categoría:	Denial of Service
Título:	Apache Wicket DoS Vulnerability (Dec 2016)
Resumen:	Apache Wicket is prone to a denial of service (DoS); vulnerability.
Descripción:	Summary: Apache Wicket is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Depending on the ISerializer set in the Wicket application, it's possible that a Wicket object deserialized from an untrusted source and utilized by the application causes the code to enter an infinite loop. Vulnerability Impact: Successful exploitation will allow remote attackers to cause the application to enter an infinite loop and consume excessive CPU resources, resulting in denial-of-service conditions. Affected Software/OS: Apache Wicket versions 1.5.x through 1.5.16 and 6.x through 6.24.0. Solution: Update to version 1.5.17, 6.25.0 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6793 BugTraq ID: 95168 http://www.securityfocus.com/bid/95168 Bugtraq: 20161231 Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability (Google Search) http://www.securityfocus.com/archive/1/539975/100/0/threaded https://www.tenable.com/security/research/tra-2016-23 http://www.openwall.com/lists/oss-security/2016/12/31/1 http://www.securitytracker.com/id/1037541
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.