Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Производитель ПО
Наименование ПО
libnginx-mod-http-auth-pam
(any)
libnginx-mod-http-cache-purge
(any)
libnginx-mod-http-dav-ext
(any)
libnginx-mod-http-echo
(any)
libnginx-mod-http-fancyindex
(any)
libnginx-mod-http-geoip
(any)
libnginx-mod-http-headers-more-filter
(any)
libnginx-mod-http-image-filter
(any)
libnginx-mod-http-lua
(any)
libnginx-mod-http-ndk
(any)
libnginx-mod-http-perl
(any)
libnginx-mod-http-subs-filter
(any)
libnginx-mod-http-uploadprogress
(any)
libnginx-mod-http-upstream-fair
(any)
libnginx-mod-http-xslt-filter
(any)
libnginx-mod-mail
(any)
libnginx-mod-nchan
(any)
libnginx-mod-rtmp
(any)
libnginx-mod-stream
(any)
nginx
(any)
nginx-common
(any)
nginx-doc
(any)
nginx-extras
(any)
nginx-full
(any)
nginx-light
(any)
Описание
Уведомление безопасности об уязвимостях libnginx-mod-stream, libnginx-mod-http-subs-filter, nginx-doc, libnginx-mod-mail, libnginx-mod-http-image-filter, libnginx-mod-http-echo, libnginx-mod-rtmp, libnginx-mod-nchan, nginx-common, libnginx-mod-http-fancyindex, libnginx-mod-http-auth-pam, libnginx-mod-http-headers-more-filter, nginx-light, nginx-extras, libnginx-mod-http-upstream-fair, libnginx-mod-http-xslt-filter, libnginx-mod-http-lua, libnginx-mod-http-perl, libnginx-mod-http-dav-ext, nginx, libnginx-mod-http-ndk, libnginx-mod-http-uploadprogress, libnginx-mod-http-cache-purge, nginx-full, libnginx-mod-http-geoip
Как исправить
Проблема может быть решена обновлением операционной системыдо следующих версий пакетов в зависимости от архитектуры:
Debian GNU/Linux 9:
noarch:
libnginx-mod-http-auth-pam - 1.10.3-1+deb9u3
libnginx-mod-http-cache-purge - 1.10.3-1+deb9u3
libnginx-mod-http-dav-ext - 1.10.3-1+deb9u3
libnginx-mod-http-echo - 1.10.3-1+deb9u3
libnginx-mod-http-fancyindex - 1.10.3-1+deb9u3
libnginx-mod-http-geoip - 1.10.3-1+deb9u3
libnginx-mod-http-headers-more-filter - 1.10.3-1+deb9u3
libnginx-mod-http-image-filter - 1.10.3-1+deb9u3
libnginx-mod-http-lua - 1.10.3-1+deb9u3
libnginx-mod-http-ndk - 1.10.3-1+deb9u3
libnginx-mod-http-perl - 1.10.3-1+deb9u3
libnginx-mod-http-subs-filter - 1.10.3-1+deb9u3
libnginx-mod-http-uploadprogress - 1.10.3-1+deb9u3
libnginx-mod-http-upstream-fair - 1.10.3-1+deb9u3
libnginx-mod-http-xslt-filter - 1.10.3-1+deb9u3
libnginx-mod-mail - 1.10.3-1+deb9u3
libnginx-mod-nchan - 1.10.3-1+deb9u3
libnginx-mod-stream - 1.10.3-1+deb9u3
nginx - 1.10.3-1+deb9u3
nginx-common - 1.10.3-1+deb9u3
nginx-doc - 1.10.3-1+deb9u3
nginx-extras - 1.10.3-1+deb9u3
nginx-full - 1.10.3-1+deb9u3
nginx-light - 1.10.3-1+deb9u3
Debian GNU/Linux 1:
noarch:
libnginx-mod-http-auth-pam - 1.14.2-2+deb10u1
libnginx-mod-http-cache-purge - 1.14.2-2+deb10u1
libnginx-mod-http-dav-ext - 1.14.2-2+deb10u1
libnginx-mod-http-echo - 1.14.2-2+deb10u1
libnginx-mod-http-fancyindex - 1.14.2-2+deb10u1
libnginx-mod-http-geoip - 1.14.2-2+deb10u1
libnginx-mod-http-headers-more-filter - 1.14.2-2+deb10u1
libnginx-mod-http-image-filter - 1.14.2-2+deb10u1
libnginx-mod-http-lua - 1.14.2-2+deb10u1
libnginx-mod-http-ndk - 1.14.2-2+deb10u1
libnginx-mod-http-perl - 1.14.2-2+deb10u1
libnginx-mod-http-subs-filter - 1.14.2-2+deb10u1
libnginx-mod-http-uploadprogress - 1.14.2-2+deb10u1
libnginx-mod-http-upstream-fair - 1.14.2-2+deb10u1
libnginx-mod-http-xslt-filter - 1.14.2-2+deb10u1
libnginx-mod-mail - 1.14.2-2+deb10u1
libnginx-mod-nchan - 1.14.2-2+deb10u1
libnginx-mod-rtmp - 1.14.2-2+deb10u1
libnginx-mod-stream - 1.14.2-2+deb10u1
nginx - 1.14.2-2+deb10u1
nginx-common - 1.14.2-2+deb10u1
nginx-doc - 1.14.2-2+deb10u1
nginx-extras - 1.14.2-2+deb10u1
nginx-full - 1.14.2-2+deb10u1
nginx-light - 1.14.2-2+deb10u1
Debian GNU/Linux 9:
noarch:
libnginx-mod-http-auth-pam - 1.10.3-1+deb9u3
libnginx-mod-http-cache-purge - 1.10.3-1+deb9u3
libnginx-mod-http-dav-ext - 1.10.3-1+deb9u3
libnginx-mod-http-echo - 1.10.3-1+deb9u3
libnginx-mod-http-fancyindex - 1.10.3-1+deb9u3
libnginx-mod-http-geoip - 1.10.3-1+deb9u3
libnginx-mod-http-headers-more-filter - 1.10.3-1+deb9u3
libnginx-mod-http-image-filter - 1.10.3-1+deb9u3
libnginx-mod-http-lua - 1.10.3-1+deb9u3
libnginx-mod-http-ndk - 1.10.3-1+deb9u3
libnginx-mod-http-perl - 1.10.3-1+deb9u3
libnginx-mod-http-subs-filter - 1.10.3-1+deb9u3
libnginx-mod-http-uploadprogress - 1.10.3-1+deb9u3
libnginx-mod-http-upstream-fair - 1.10.3-1+deb9u3
libnginx-mod-http-xslt-filter - 1.10.3-1+deb9u3
libnginx-mod-mail - 1.10.3-1+deb9u3
libnginx-mod-nchan - 1.10.3-1+deb9u3
libnginx-mod-stream - 1.10.3-1+deb9u3
nginx - 1.10.3-1+deb9u3
nginx-common - 1.10.3-1+deb9u3
nginx-doc - 1.10.3-1+deb9u3
nginx-extras - 1.10.3-1+deb9u3
nginx-full - 1.10.3-1+deb9u3
nginx-light - 1.10.3-1+deb9u3
Debian GNU/Linux 1:
noarch:
libnginx-mod-http-auth-pam - 1.14.2-2+deb10u1
libnginx-mod-http-cache-purge - 1.14.2-2+deb10u1
libnginx-mod-http-dav-ext - 1.14.2-2+deb10u1
libnginx-mod-http-echo - 1.14.2-2+deb10u1
libnginx-mod-http-fancyindex - 1.14.2-2+deb10u1
libnginx-mod-http-geoip - 1.14.2-2+deb10u1
libnginx-mod-http-headers-more-filter - 1.14.2-2+deb10u1
libnginx-mod-http-image-filter - 1.14.2-2+deb10u1
libnginx-mod-http-lua - 1.14.2-2+deb10u1
libnginx-mod-http-ndk - 1.14.2-2+deb10u1
libnginx-mod-http-perl - 1.14.2-2+deb10u1
libnginx-mod-http-subs-filter - 1.14.2-2+deb10u1
libnginx-mod-http-uploadprogress - 1.14.2-2+deb10u1
libnginx-mod-http-upstream-fair - 1.14.2-2+deb10u1
libnginx-mod-http-xslt-filter - 1.14.2-2+deb10u1
libnginx-mod-mail - 1.14.2-2+deb10u1
libnginx-mod-nchan - 1.14.2-2+deb10u1
libnginx-mod-rtmp - 1.14.2-2+deb10u1
libnginx-mod-stream - 1.14.2-2+deb10u1
nginx - 1.14.2-2+deb10u1
nginx-common - 1.14.2-2+deb10u1
nginx-doc - 1.14.2-2+deb10u1
nginx-extras - 1.14.2-2+deb10u1
nginx-full - 1.14.2-2+deb10u1
nginx-light - 1.14.2-2+deb10u1
Ссылки
http://www.debian.org/security/dsa-4505/
Источник: CVE
Наименование: CVE-2019-9516
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
Источник: CVE
Наименование: CVE-2019-9513
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
Источник: CVE
Наименование: CVE-2019-9511
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
Источник: CVE
Наименование: CVE-2019-9516
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
Источник: CVE
Наименование: CVE-2019-9513
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
Источник: CVE
Наименование: CVE-2019-9511
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511