Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201006-17 (lighttpd)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69020

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201006-17 (lighttpd)

Resumen: The remote host is missing updates announced in;advisory GLSA 201006-17.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201006-17.

Vulnerability Insight:
A processing error in lighttpd might result in a Denial of Service
condition.

Solution:
All lighttpd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/lighttpd-1.4.25-r1'

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0295
38036
http://www.securityfocus.com/bid/38036
38403
http://secunia.com/advisories/38403
39765
http://secunia.com/advisories/39765
ADV-2011-0172
http://www.vupen.com/english/advisories/2011/0172
DSA-1987
http://www.debian.org/security/2010/dsa-1987
FEDORA-2010-7611
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.html
FEDORA-2010-7636
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.html
FEDORA-2010-7643
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041307.html
GLSA-201006-17
http://security.gentoo.org/glsa/glsa-201006-17.xml
SUSE-SR:2010:003
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html
[oss-security] 20100202 lighttpd: slow request dos/oom attack [CVE-2010-0295]
http://www.openwall.com/lists/oss-security/2010/02/01/8
http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_in
http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.x_fix_slow_request_dos.patch
http://download.lighttpd.net/lighttpd/security/lighttpd-1.5_fix_slow_request_dos.patch
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt
http://redmine.lighttpd.net/issues/2147
http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710
http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711
lighttpd-slow-request-dos(56038)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56038

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69020
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201006-17 (lighttpd)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201006-17.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201006-17. Vulnerability Insight: A processing error in lighttpd might result in a Denial of Service condition. Solution: All lighttpd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/lighttpd-1.4.25-r1' CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0295 38036 http://www.securityfocus.com/bid/38036 38403 http://secunia.com/advisories/38403 39765 http://secunia.com/advisories/39765 ADV-2011-0172 http://www.vupen.com/english/advisories/2011/0172 DSA-1987 http://www.debian.org/security/2010/dsa-1987 FEDORA-2010-7611 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.html FEDORA-2010-7636 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.html FEDORA-2010-7643 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041307.html GLSA-201006-17 http://security.gentoo.org/glsa/glsa-201006-17.xml SUSE-SR:2010:003 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html [oss-security] 20100202 lighttpd: slow request dos/oom attack [CVE-2010-0295] http://www.openwall.com/lists/oss-security/2010/02/01/8 http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_in http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.x_fix_slow_request_dos.patch http://download.lighttpd.net/lighttpd/security/lighttpd-1.5_fix_slow_request_dos.patch http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt http://redmine.lighttpd.net/issues/2147 http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710 http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711 lighttpd-slow-request-dos(56038) https://exchange.xforce.ibmcloud.com/vulnerabilities/56038
Copyright	Copyright (C) 2011 E-Soft Inc.