Test Kennung:	1.3.6.1.4.1.25623.1.0.120063
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2015-578)
Zusammenfassung:	The remote host is missing an update for the 'httpd' package(s) announced via the ALAS-2015-578 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the ALAS-2015-578 advisory. Vulnerability Insight: Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. Affected Software/OS: 'httpd' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3183 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 75963 http://www.securityfocus.com/bid/75963 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Debian Security Information: DSA-3325 (Google Search) http://www.debian.org/security/2015/dsa-3325 https://security.gentoo.org/glsa/201610-02 HPdes Security Advisory: HPSBUX03512 http://marc.info/?l=bugtraq&m=144493176821532&w=2 HPdes Security Advisory: SSRT102254 https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2015:1666 http://rhn.redhat.com/errata/RHSA-2015-1666.html RedHat Security Advisories: RHSA-2015:1667 http://rhn.redhat.com/errata/RHSA-2015-1667.html RedHat Security Advisories: RHSA-2015:1668 http://rhn.redhat.com/errata/RHSA-2015-1668.html RedHat Security Advisories: RHSA-2015:2659 https://access.redhat.com/errata/RHSA-2015:2659 RedHat Security Advisories: RHSA-2015:2660 https://access.redhat.com/errata/RHSA-2015:2660 RedHat Security Advisories: RHSA-2015:2661 http://rhn.redhat.com/errata/RHSA-2015-2661.html RedHat Security Advisories: RHSA-2016:0061 http://rhn.redhat.com/errata/RHSA-2016-0061.html RedHat Security Advisories: RHSA-2016:0062 http://rhn.redhat.com/errata/RHSA-2016-0062.html RedHat Security Advisories: RHSA-2016:2054 http://rhn.redhat.com/errata/RHSA-2016-2054.html RedHat Security Advisories: RHSA-2016:2055 http://rhn.redhat.com/errata/RHSA-2016-2055.html RedHat Security Advisories: RHSA-2016:2056 http://rhn.redhat.com/errata/RHSA-2016-2056.html http://www.securitytracker.com/id/1032967 SuSE Security Announcement: openSUSE-SU-2015:1684 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html http://www.ubuntu.com/usn/USN-2686-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.