Lucene search

K
mageiaGentoo FoundationMGASA-2015-0099
HistoryMar 06, 2015 - 9:08 p.m.

Updated apache packages fix CVE-2015-0228

2015-03-0621:08:57
Gentoo Foundation
advisories.mageia.org
21

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.041

Percentile

92.3%

Updated apache packages fix security vulnerability: In the mod_lua module in the Apache HTTP Server through 2.4.10, a maliciously crafted websockets PING after a script calls r:wsupgrade() can cause a child process crash (CVE-2015-0228).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchapache< 2.4.7-5.6apache-2.4.7-5.6.mga4

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.041

Percentile

92.3%