ID de Prueba:	1.3.6.1.4.1.25623.1.0.50611
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:135 (apache2)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to apache2 announced via advisory MDKSA-2004:135. A vulnerability in apache 2.0.35-2.0.52 was discovered by Chintan Trivedi he found that by sending a large amount of specially- crafted HTTP GET requests, a remote attacker could cause a Denial of Service on the httpd server. This vulnerability is due to improper enforcement of the field length limit in the header-parsing code. The updated packages have been patched to prevent this problem. Affected versions: 10.0, 10.1, 9.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:135 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942 http://xforce.iss.net/xforce/xfdb/17930 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 11436 Common Vulnerability Exposure (CVE) ID: CVE-2004-0942 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html HPdes Security Advisory: HPSBUX01123 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123 HPdes Security Advisory: SSRT4876 http://marc.info/?l=bugtraq&m=110384374213596&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:135 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962 http://www.redhat.com/support/errata/RHSA-2004-562.html http://secunia.com/advisories/19072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://www.trustix.org/errata/2004/0061/ http://www.vupen.com/english/advisories/2006/0789 XForce ISS Database: apache-http-get-dos(17930) https://exchange.xforce.ibmcloud.com/vulnerabilities/17930
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.