Test Kennung:	1.3.6.1.4.1.25623.1.0.120240
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2011-30)
Zusammenfassung:	The remote host is missing an update for the 'nginx' package(s) announced via the ALAS-2011-30 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'nginx' package(s) announced via the ALAS-2011-30 advisory. Vulnerability Insight: Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. Affected Software/OS: 'nginx' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4315 47097 http://secunia.com/advisories/47097 48577 http://secunia.com/advisories/48577 50710 http://www.securityfocus.com/bid/50710 FEDORA-2011-16075 http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html GLSA-201203-22 http://security.gentoo.org/glsa/glsa-201203-22.xml SUSE-SU-2011:1300 http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00005.html [oss-security] 20111117 CVE Request: nginx resolver heap overflow http://openwall.com/lists/oss-security/2011/11/17/8 [oss-security] 20111117 Re: CVE Request: nginx resolver heap overflow http://openwall.com/lists/oss-security/2011/11/17/10 http://trac.nginx.org/nginx/changeset/4268/nginx http://www.nginx.org/en/CHANGES-1.0
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.