Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2013-0160)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2013.0160

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2013-0160)

Resumen: The remote host is missing an update for the 'nginx' package(s) announced via the MGASA-2013-0160 advisory.

Descripción: Summary:
The remote host is missing an update for the 'nginx' package(s) announced via the MGASA-2013-0160 advisory.

Vulnerability Insight:
A security problem related to CVE-2013-2028 was identified, affecting some
previous nginx versions if proxy_pass to untrusted upstream HTTP servers is
used. The problem may lead to a denial of service or a disclosure of a
worker process memory on a specially crafted response from an upstream
proxied server (CVE-2013-2070).

Affected Software/OS:
'nginx' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-2070
55181
http://secunia.com/advisories/55181
59824
http://www.securityfocus.com/bid/59824
DSA-2721
http://www.debian.org/security/2013/dsa-2721
FEDORA-2013-8182
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
GLSA-201310-04
http://security.gentoo.org/glsa/glsa-201310-04.xml
[nginx-announce] 20130513 nginx security advisory (CVE-2013-2070)
http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
[oss-security] 20130507 Re: nginx security advisory (CVE-2013-2028)
http://seclists.org/oss-sec/2013/q2/291
[oss-security] 20130513 nginx security advisory (CVE-2013-2070)
http://www.openwall.com/lists/oss-security/2013/05/13/3
http://nginx.org/download/patch.2013.proxy.txt
https://bugzilla.redhat.com/show_bug.cgi?id=962525
nginx-cve20132070-dos(84172)
https://exchange.xforce.ibmcloud.com/vulnerabilities/84172

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0160
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0160)
Resumen:	The remote host is missing an update for the 'nginx' package(s) announced via the MGASA-2013-0160 advisory.
Descripción:	Summary: The remote host is missing an update for the 'nginx' package(s) announced via the MGASA-2013-0160 advisory. Vulnerability Insight: A security problem related to CVE-2013-2028 was identified, affecting some previous nginx versions if proxy_pass to untrusted upstream HTTP servers is used. The problem may lead to a denial of service or a disclosure of a worker process memory on a specially crafted response from an upstream proxied server (CVE-2013-2070). Affected Software/OS: 'nginx' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2070 55181 http://secunia.com/advisories/55181 59824 http://www.securityfocus.com/bid/59824 DSA-2721 http://www.debian.org/security/2013/dsa-2721 FEDORA-2013-8182 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html GLSA-201310-04 http://security.gentoo.org/glsa/glsa-201310-04.xml [nginx-announce] 20130513 nginx security advisory (CVE-2013-2070) http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html [oss-security] 20130507 Re: nginx security advisory (CVE-2013-2028) http://seclists.org/oss-sec/2013/q2/291 [oss-security] 20130513 nginx security advisory (CVE-2013-2070) http://www.openwall.com/lists/oss-security/2013/05/13/3 http://nginx.org/download/patch.2013.proxy.txt https://bugzilla.redhat.com/show_bug.cgi?id=962525 nginx-cve20132070-dos(84172) https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
Copyright	Copyright (C) 2022 Greenbone AG