ID de Prueba:	1.3.6.1.4.1.25623.1.0.108625
Categoría:	Denial of Service
Título:	Apache Struts DoS Vulnerability (S2-051) - Linux
Resumen:	Apache Struts is prone to a Denial of Service (DoS); vulnerability in the Struts REST plugin.;; This VT has been deprecated and merged into the VT 'Apache Struts DoS Vulnerability (S2-051)'; (OID: 1.3.6.1.4.1.25623.1.0.108624).
Descripción:	Summary: Apache Struts is prone to a Denial of Service (DoS) vulnerability in the Struts REST plugin. This VT has been deprecated and merged into the VT 'Apache Struts DoS Vulnerability (S2-051)' (OID: 1.3.6.1.4.1.25623.1.0.108624). Vulnerability Insight: The REST Plugin is using outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload. Vulnerability Impact: An attacker can exploit this issue to cause a DoS condition, denying service to legitimate users. Affected Software/OS: Apache Struts 2.1.6 through 2.3.33 and 2.5 through 2.5.12. Solution: Update to version 2.3.34, 2.5.13 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9793 BugTraq ID: 100611 http://www.securityfocus.com/bid/100611 Cisco Security Advisory: 20170907 Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 http://www.securitytracker.com/id/1039262
Copyright	Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.