ID de Prueba:	1.3.6.1.4.1.25623.1.0.58315
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0486
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0486. Mod_perl incorporates a Perl interpreter into the Apache web server, so that the Apache HTTP server can directly execute Perl code. The Apache::PerlRun module was found to not properly escape PATH_INFO before being used in a regular expression. If a server is configured to use Apache::PerlRun, an attacker could request a carefully crafted URI causing resource consumption, which could lead to a denial of service (CVE-2007-1349). Users of mod_perl should update to these erratum packages which contain a backported fix to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0486.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1349 1018259 http://www.securitytracker.com/id?1018259 1021508 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1 2007-0023 http://www.trustix.org/errata/2007/0023/ 20070602-01-P ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc 23192 http://www.securityfocus.com/bid/23192 24678 http://secunia.com/advisories/24678 248386 http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1 24839 http://secunia.com/advisories/24839 25072 http://secunia.com/advisories/25072 25110 http://secunia.com/advisories/25110 25432 http://secunia.com/advisories/25432 25655 http://secunia.com/advisories/25655 25730 http://secunia.com/advisories/25730 25894 http://secunia.com/advisories/25894 26084 http://secunia.com/advisories/26084 26231 http://secunia.com/advisories/26231 26290 http://secunia.com/advisories/26290 31490 http://secunia.com/advisories/31490 31493 http://secunia.com/advisories/31493 33720 http://secunia.com/advisories/33720 33723 http://secunia.com/advisories/33723 ADV-2007-1150 http://www.vupen.com/english/advisories/2007/1150 GLSA-200705-04 http://security.gentoo.org/glsa/glsa-200705-04.xml MDKSA-2007:083 http://www.mandriva.com/security/advisories?name=MDKSA-2007:083 RHSA-2007:0395 http://rhn.redhat.com/errata/RHSA-2007-0395.html RHSA-2007:0396 http://www.redhat.com/support/errata/RHSA-2007-0396.html RHSA-2007:0486 http://www.redhat.com/support/errata/RHSA-2007-0486.html RHSA-2008:0261 http://www.redhat.com/support/errata/RHSA-2008-0261.html RHSA-2008:0627 http://www.redhat.com/support/errata/RHSA-2008-0627.html RHSA-2008:0630 http://rhn.redhat.com/errata/RHSA-2008-0630.html SUSE-SR:2007:008 http://www.novell.com/linux/security/advisories/2007_8_sr.html SUSE-SR:2007:012 http://www.novell.com/linux/security/advisories/2007_12_sr.html USN-488-1 http://www.ubuntu.com/usn/usn-488-1 http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes http://www.gossamer-threads.com/lists/modperl/modperl/92739 modperl-pathinfo-dos(33312) https://exchange.xforce.ibmcloud.com/vulnerabilities/33312 oval:org.mitre.oval:def:10987 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987 oval:org.mitre.oval:def:8349 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.