Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200812-04 (lighttpd)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61943

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200812-04 (lighttpd)

Resumen: The remote host is missing updates announced in;advisory GLSA 200812-04.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200812-04.

Vulnerability Insight:
Multiple vulnerabilities in lighttpd may lead to information disclosure or
a Denial of Service.

Solution:
All lighttpd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/lighttpd-1.4.20'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-4298
BugTraq ID: 31434
http://www.securityfocus.com/bid/31434
Bugtraq: 20081030 rPSA-2008-0309-1 lighttpd (Google Search)
http://www.securityfocus.com/archive/1/497932/100/0/threaded
Debian Security Information: DSA-1645 (Google Search)
http://www.debian.org/security/2008/dsa-1645
http://security.gentoo.org/glsa/glsa-200812-04.xml
http://www.openwall.com/lists/oss-security/2008/09/26/5
http://secunia.com/advisories/32069
http://secunia.com/advisories/32132
http://secunia.com/advisories/32480
http://secunia.com/advisories/32834
http://secunia.com/advisories/32972
SuSE Security Announcement: SUSE-SR:2008:026 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
http://www.vupen.com/english/advisories/2008/2741
XForce ISS Database: lighttpd-httprequestparse-dos(45471)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45471
Common Vulnerability Exposure (CVE) ID: CVE-2008-4359
BugTraq ID: 31599
http://www.securityfocus.com/bid/31599
http://openwall.com/lists/oss-security/2008/09/30/1
http://openwall.com/lists/oss-security/2008/09/30/2
http://openwall.com/lists/oss-security/2008/09/30/3
XForce ISS Database: lighttpd-urlredirect-rewrite-info-disclosure(45690)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45690
Common Vulnerability Exposure (CVE) ID: CVE-2008-4360
BugTraq ID: 31600
http://www.securityfocus.com/bid/31600
XForce ISS Database: lighttpd-moduserdir-info-disclosure(45689)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45689

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61943
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200812-04 (lighttpd)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200812-04.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200812-04. Vulnerability Insight: Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service. Solution: All lighttpd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/lighttpd-1.4.20' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4298 BugTraq ID: 31434 http://www.securityfocus.com/bid/31434 Bugtraq: 20081030 rPSA-2008-0309-1 lighttpd (Google Search) http://www.securityfocus.com/archive/1/497932/100/0/threaded Debian Security Information: DSA-1645 (Google Search) http://www.debian.org/security/2008/dsa-1645 http://security.gentoo.org/glsa/glsa-200812-04.xml http://www.openwall.com/lists/oss-security/2008/09/26/5 http://secunia.com/advisories/32069 http://secunia.com/advisories/32132 http://secunia.com/advisories/32480 http://secunia.com/advisories/32834 http://secunia.com/advisories/32972 SuSE Security Announcement: SUSE-SR:2008:026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://www.vupen.com/english/advisories/2008/2741 XForce ISS Database: lighttpd-httprequestparse-dos(45471) https://exchange.xforce.ibmcloud.com/vulnerabilities/45471 Common Vulnerability Exposure (CVE) ID: CVE-2008-4359 BugTraq ID: 31599 http://www.securityfocus.com/bid/31599 http://openwall.com/lists/oss-security/2008/09/30/1 http://openwall.com/lists/oss-security/2008/09/30/2 http://openwall.com/lists/oss-security/2008/09/30/3 XForce ISS Database: lighttpd-urlredirect-rewrite-info-disclosure(45690) https://exchange.xforce.ibmcloud.com/vulnerabilities/45690 Common Vulnerability Exposure (CVE) ID: CVE-2008-4360 BugTraq ID: 31600 http://www.securityfocus.com/bid/31600 XForce ISS Database: lighttpd-moduserdir-info-disclosure(45689) https://exchange.xforce.ibmcloud.com/vulnerabilities/45689
Copyright	Copyright (C) 2008 E-Soft Inc.