ID de Prueba:	1.3.6.1.4.1.25623.1.0.120063
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2015-578)
Resumen:	The remote host is missing an update for the 'httpd' package(s) announced via the ALAS-2015-578 advisory.
Descripción:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the ALAS-2015-578 advisory. Vulnerability Insight: Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. Affected Software/OS: 'httpd' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3183 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 75963 http://www.securityfocus.com/bid/75963 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Debian Security Information: DSA-3325 (Google Search) http://www.debian.org/security/2015/dsa-3325 https://security.gentoo.org/glsa/201610-02 HPdes Security Advisory: HPSBUX03512 http://marc.info/?l=bugtraq&m=144493176821532&w=2 HPdes Security Advisory: SSRT102254 https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2015:1666 http://rhn.redhat.com/errata/RHSA-2015-1666.html RedHat Security Advisories: RHSA-2015:1667 http://rhn.redhat.com/errata/RHSA-2015-1667.html RedHat Security Advisories: RHSA-2015:1668 http://rhn.redhat.com/errata/RHSA-2015-1668.html RedHat Security Advisories: RHSA-2015:2659 https://access.redhat.com/errata/RHSA-2015:2659 RedHat Security Advisories: RHSA-2015:2660 https://access.redhat.com/errata/RHSA-2015:2660 RedHat Security Advisories: RHSA-2015:2661 http://rhn.redhat.com/errata/RHSA-2015-2661.html RedHat Security Advisories: RHSA-2016:0061 http://rhn.redhat.com/errata/RHSA-2016-0061.html RedHat Security Advisories: RHSA-2016:0062 http://rhn.redhat.com/errata/RHSA-2016-0062.html RedHat Security Advisories: RHSA-2016:2054 http://rhn.redhat.com/errata/RHSA-2016-2054.html RedHat Security Advisories: RHSA-2016:2055 http://rhn.redhat.com/errata/RHSA-2016-2055.html RedHat Security Advisories: RHSA-2016:2056 http://rhn.redhat.com/errata/RHSA-2016-2056.html http://www.securitytracker.com/id/1032967 SuSE Security Announcement: openSUSE-SU-2015:1684 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html http://www.ubuntu.com/usn/USN-2686-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.