ID de Prueba:	1.3.6.1.4.1.25623.1.0.120240
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2011-30)
Resumen:	The remote host is missing an update for the 'nginx' package(s) announced via the ALAS-2011-30 advisory.
Descripción:	Summary: The remote host is missing an update for the 'nginx' package(s) announced via the ALAS-2011-30 advisory. Vulnerability Insight: Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. Affected Software/OS: 'nginx' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4315 47097 http://secunia.com/advisories/47097 48577 http://secunia.com/advisories/48577 50710 http://www.securityfocus.com/bid/50710 FEDORA-2011-16075 http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html GLSA-201203-22 http://security.gentoo.org/glsa/glsa-201203-22.xml SUSE-SU-2011:1300 http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00005.html [oss-security] 20111117 CVE Request: nginx resolver heap overflow http://openwall.com/lists/oss-security/2011/11/17/8 [oss-security] 20111117 Re: CVE Request: nginx resolver heap overflow http://openwall.com/lists/oss-security/2011/11/17/10 http://trac.nginx.org/nginx/changeset/4268/nginx http://www.nginx.org/en/CHANGES-1.0
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.