Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200907-02 (mod

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64365

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200907-02 (mod_security)

Resumen: The remote host is missing updates announced in;advisory GLSA 200907-02.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200907-02.

Vulnerability Insight:
Two vulnerabilities in ModSecurity might lead to a Denial of Service.

Solution:
All ModSecurity users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apache/mod_security-2.5.9'

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1902
BugTraq ID: 34096
http://www.securityfocus.com/bid/34096
Bugtraq: 20090319 [ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (Google Search)
http://www.securityfocus.com/archive/1/501968
https://www.exploit-db.com/exploits/8241
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00487.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00529.html
http://security.gentoo.org/glsa/glsa-200907-02.xml
http://www.osvdb.org/52553
http://secunia.com/advisories/34256
http://secunia.com/advisories/34311
http://secunia.com/advisories/35687
SuSE Security Announcement: SUSE-SR:2009:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://www.vupen.com/english/advisories/2009/0703
XForce ISS Database: modsecurity-multipart-dos(49212)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49212
Common Vulnerability Exposure (CVE) ID: CVE-2009-1903
http://www.osvdb.org/52552
XForce ISS Database: modsecurity-pdfxss-dos(49211)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49211

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64365
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200907-02 (mod_security)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200907-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200907-02. Vulnerability Insight: Two vulnerabilities in ModSecurity might lead to a Denial of Service. Solution: All ModSecurity users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apache/mod_security-2.5.9' CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1902 BugTraq ID: 34096 http://www.securityfocus.com/bid/34096 Bugtraq: 20090319 [ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (Google Search) http://www.securityfocus.com/archive/1/501968 https://www.exploit-db.com/exploits/8241 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00487.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00529.html http://security.gentoo.org/glsa/glsa-200907-02.xml http://www.osvdb.org/52553 http://secunia.com/advisories/34256 http://secunia.com/advisories/34311 http://secunia.com/advisories/35687 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://www.vupen.com/english/advisories/2009/0703 XForce ISS Database: modsecurity-multipart-dos(49212) https://exchange.xforce.ibmcloud.com/vulnerabilities/49212 Common Vulnerability Exposure (CVE) ID: CVE-2009-1903 http://www.osvdb.org/52552 XForce ISS Database: modsecurity-pdfxss-dos(49211) https://exchange.xforce.ibmcloud.com/vulnerabilities/49211
Copyright	Copyright (C) 2009 E-Soft Inc.