Amazon Linux Local Security Checks : Amazon Linux: Security Advisory (ALAS-2016-663)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.120653

Categoría: Amazon Linux Local Security Checks

Título: Amazon Linux: Security Advisory (ALAS-2016-663)

Resumen: The remote host is missing an update for the 'privoxy' package(s) announced via the ALAS-2016-663 advisory.

Descripción: Summary:
The remote host is missing an update for the 'privoxy' package(s) announced via the ALAS-2016-663 advisory.

Vulnerability Insight:
The remove_chunked_transfer_coding function allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. (CVE-2016-1982)

The client_host function in parsers.c allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. (CVE-2016-1983)

Affected Software/OS:
'privoxy' package(s) on Amazon Linux.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-1982
Debian Security Information: DSA-3460 (Google Search)
http://www.debian.org/security/2016/dsa-3460
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176475.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176492.html
http://www.openwall.com/lists/oss-security/2016/01/21/4
http://www.openwall.com/lists/oss-security/2016/01/22/3
Common Vulnerability Exposure (CVE) ID: CVE-2016-1983

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.120653
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2016-663)
Resumen:	The remote host is missing an update for the 'privoxy' package(s) announced via the ALAS-2016-663 advisory.
Descripción:	Summary: The remote host is missing an update for the 'privoxy' package(s) announced via the ALAS-2016-663 advisory. Vulnerability Insight: The remove_chunked_transfer_coding function allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. (CVE-2016-1982) The client_host function in parsers.c allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. (CVE-2016-1983) Affected Software/OS: 'privoxy' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1982 Debian Security Information: DSA-3460 (Google Search) http://www.debian.org/security/2016/dsa-3460 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176475.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176492.html http://www.openwall.com/lists/oss-security/2016/01/21/4 http://www.openwall.com/lists/oss-security/2016/01/22/3 Common Vulnerability Exposure (CVE) ID: CVE-2016-1983
Copyright	Copyright (C) 2016 Greenbone AG