Test Kennung:	1.3.6.1.4.1.25623.1.0.120083
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2014-414)
Zusammenfassung:	The remote host is missing an update for the 'httpd' package(s) announced via the ALAS-2014-414 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the ALAS-2014-414 advisory. Vulnerability Insight: The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass 'RequestHeader unset' directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states 'this is not a security issue in httpd as such.' Affected Software/OS: 'httpd' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5704 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 66550 http://www.securityfocus.com/bid/66550 https://security.gentoo.org/glsa/201504-03 HPdes Security Advisory: HPSBUX03337 http://marc.info/?l=bugtraq&m=143403519711434&w=2 HPdes Security Advisory: HPSBUX03512 http://marc.info/?l=bugtraq&m=144493176821532&w=2 HPdes Security Advisory: SSRT102066 HPdes Security Advisory: SSRT102254 http://www.mandriva.com/security/advisories?name=MDVSA-2014:174 http://martin.swende.se/blog/HTTPChunked.html http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2 https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2015:0325 http://rhn.redhat.com/errata/RHSA-2015-0325.html RedHat Security Advisories: RHSA-2015:1249 http://rhn.redhat.com/errata/RHSA-2015-1249.html RedHat Security Advisories: RHSA-2015:2659 https://access.redhat.com/errata/RHSA-2015:2659 RedHat Security Advisories: RHSA-2015:2660 https://access.redhat.com/errata/RHSA-2015:2660 RedHat Security Advisories: RHSA-2015:2661 http://rhn.redhat.com/errata/RHSA-2015-2661.html RedHat Security Advisories: RHSA-2016:0061 http://rhn.redhat.com/errata/RHSA-2016-0061.html RedHat Security Advisories: RHSA-2016:0062 http://rhn.redhat.com/errata/RHSA-2016-0062.html http://www.ubuntu.com/usn/USN-2523-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.