 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.71946 |
| Category: | Slackware Local Security Checks |
| Title: | Slackware: Security Advisory (SSA:2011-145-01) |
| Summary: | The remote host is missing an update for the 'apr/apr-util' package(s) announced via the SSA:2011-145-01 advisory. |
| Description: | Summary: The remote host is missing an update for the 'apr/apr-util' package(s) announced via the SSA:2011-145-01 advisory. Vulnerability Insight: New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue in apr and a crash bug in apr-util. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+ patches/packages/apr-1.4.5-i486-1_slack13.37.txz: Upgraded. This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU. For more information, see: [link moved to references] (* Security fix *) patches/packages/apr-util-1.3.12-i486-1_slack13.37.txz: Upgraded. Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). +--------------------------+ Affected Software/OS: 'apr/apr-util' package(s) on Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware 13.37, Slackware current. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1928 44558 http://secunia.com/advisories/44558 44613 http://secunia.com/advisories/44613 44661 http://secunia.com/advisories/44661 44780 http://secunia.com/advisories/44780 48308 http://secunia.com/advisories/48308 ADV-2011-1289 http://www.vupen.com/english/advisories/2011/1289 ADV-2011-1290 http://www.vupen.com/english/advisories/2011/1290 HPSBOV02822 http://marc.info/?l=bugtraq&m=134987041210674&w=2 MDVSA-2011:095 http://www.mandriva.com/security/advisories?name=MDVSA-2011:095 RHSA-2011:0844 http://www.redhat.com/support/errata/RHSA-2011-0844.html SSRT100966 SUSE-SU-2011:1229 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html [httpd-announce] 20110519 Regressions in httpd 2.2.18, apr 1.4.4, and apr-util 1.3.11 http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403%40apache.org%3E [oss-security] 20110519 CVE request: DoS in apr due to CVE-2011-0419 fix http://openwall.com/lists/oss-security/2011/05/19/5 [oss-security] 20110519 Re: CVE request: DoS in apr due to CVE-2011-0419 fix http://openwall.com/lists/oss-security/2011/05/19/10 [www-announce] 20110519 Regressions in httpd 2.2.18, apr 1.4.4, and apr-util 1.3.11 http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3c4DD55076.1060005%40apache.org%3e http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182 https://issues.apache.org/bugzilla/show_bug.cgi?id=51219 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |