ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0065
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0065)
Resumen:	The remote host is missing an update for the 'varnish' package(s) announced via the MGASA-2014-0065 advisory.
Descripción:	Summary: The remote host is missing an update for the 'varnish' package(s) announced via the MGASA-2014-0065 advisory. Vulnerability Insight: Updated varnish packages fix security vulnerabilities: Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI (CVE-2013-4484). Also, the services have been converted from SysV init scripts to systemd- native services, which should allow for more consistent behavior. Affected Software/OS: 'varnish' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4484 20131030 [CVE-2013-4484] DoS vulnerability in Varnish HTTP cache http://archives.neohapsis.com/archives/bugtraq/2013-10/0158.html 55452 http://secunia.com/advisories/55452 55746 http://secunia.com/advisories/55746 DSA-2814 http://www.debian.org/security/2012/dsa-2814 [oss-security] 20131030 Re: CVE number needed for Varnish DoS, also heads-up http://www.openwall.com/lists/oss-security/2013/10/30/5 https://www.varnish-cache.org/trac/ticket/1367 openSUSE-SU-2013:1679 http://lists.opensuse.org/opensuse-updates/2013-11/msg00029.html openSUSE-SU-2013:1683 http://lists.opensuse.org/opensuse-updates/2013-11/msg00033.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.