ID de Prueba:	1.3.6.1.4.1.25623.1.0.50547
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:064 (apache2)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to apache2 announced via advisory MDKSA-2004:064. A Denial of Service (Dos) condition was discovered in Apache 2.x by George Guninski. Exploiting this can lead to httpd consuming an arbitrary amount of memory. On 64bit systems with more than 4GB of virtual memory, this may also lead to a heap-based overflow. The updated packages contain a patch from the ASF to correct the problem. It is recommended that you stop Apache prior to updating and then restart it again once the update is complete (service httpd stop and service httpd start respectively). Affected versions: 10.0, 9.1, 9.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:064 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0493 http://www.guninski.com/httpd1.html Risk factor : High CVSS Score: 6.4
Referencia Cruzada:	BugTraq ID: 10619 Common Vulnerability Exposure (CVE) ID: CVE-2004-0493 http://www.securityfocus.com/bid/10619 Bugtraq: 20040629 TSSA-2004-012 - apache (Google Search) http://marc.info/?l=bugtraq&m=108853066800184&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/023133.html http://security.gentoo.org/glsa/glsa-200407-03.xml HPdes Security Advisory: SSRT4777 http://marc.info/?l=bugtraq&m=109181600614477&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:064 http://www.guninski.com/httpd1.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10605 http://www.redhat.com/support/errata/RHSA-2004-342.html http://www.trustix.org/errata/2004/0039/ XForce ISS Database: apache-apgetmimeheaderscore-dos(16524) https://exchange.xforce.ibmcloud.com/vulnerabilities/16524
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.