ALAS-2016-663

Related Vulnerabilities: CVE-2016-1982   CVE-2016-1983  


Amazon Linux AMI Security Advisory: ALAS-2016-663
Advisory Release Date: 2016-03-10 16:30 Pacific
Advisory Updated Date: 2016-03-10 16:30 Pacific
Severity: Medium

Issue Overview:

The remove_chunked_transfer_coding function allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. (CVE-2016-1982)

The client_host function in parsers.c allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. (CVE-2016-1983)


Affected Packages:

privoxy


Issue Correction:
Run yum update privoxy to update your system.

New Packages:
i686:
    privoxy-3.0.23-2.7.amzn1.i686
    privoxy-debuginfo-3.0.23-2.7.amzn1.i686

src:
    privoxy-3.0.23-2.7.amzn1.src

x86_64:
    privoxy-3.0.23-2.7.amzn1.x86_64
    privoxy-debuginfo-3.0.23-2.7.amzn1.x86_64
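
Verifying the correction: the script below is an added example, not part of the original advisory. It compares an installed privoxy version-release against the fixed build 3.0.23-2.7.amzn1 listed above. The function names, the --local switch and the sample inventory are constructed for illustration, and ordering uses GNU sort -V as an approximation of RPM's own version comparison.

```shell
#!/usr/bin/env bash
# Fixed build taken from the advisory's "New Packages" list.
FIXED_VR="3.0.23-2.7.amzn1"

# privoxy_status VERSION-RELEASE
# Prints "patched" when the build is at or above FIXED_VR, else "vulnerable".
# A plain string comparison would misorder 3.0.9 and 3.0.23; GNU `sort -V`
# compares the numeric fields as numbers (assumption: it approximates RPM's
# ordering closely enough for version strings of this shape).
privoxy_status() {
    local installed="$1" lowest
    lowest=$(printf '%s\n%s\n' "$installed" "$FIXED_VR" | sort -V | head -n1)
    if [ "$lowest" = "$FIXED_VR" ]; then
        echo patched        # the fixed build sorts first or is identical
    else
        echo vulnerable     # the installed build sorts below the fixed build
    fi
}

# vulnerable_hosts: reads "HOST VERSION-RELEASE" lines on stdin and prints
# the hosts still running a build older than the fixed one.
vulnerable_hosts() {
    local host vr
    while read -r host vr; do
        [ -n "$vr" ] || continue
        [ "$(privoxy_status "$vr")" = vulnerable ] && echo "$host"
    done
    return 0
}

# Constructed sample inventory (hypothetical host names and builds), in the
# shape produced by collecting, per host, the output of:
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' privoxy
SAMPLE_INVENTORY='web-01 3.0.21-7.amzn1
web-02 3.0.23-2.7.amzn1
proxy-01 3.0.23-2.6.amzn1
proxy-02 3.0.24-1.amzn1'

# Optional local check: run the script with --local on the host itself.
if [ "${1:-}" = "--local" ]; then
    if vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}' privoxy 2>/dev/null); then
        echo "privoxy $vr: $(privoxy_status "$vr")"
    else
        echo "privoxy is not installed"
    fi
fi
```

Feeding SAMPLE_INVENTORY to vulnerable_hosts lists the hosts that still need yum update privoxy.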