Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.120373 |
Kategorie: | Amazon Linux Local Security Checks |
Titel: | Amazon Linux: Security Advisory (ALAS-2015-504) |
Zusammenfassung: | The remote host is missing an update announced via the referenced Security Advisory. |
Beschreibung: | Summary: The remote host is missing an update announced via the referenced Security Advisory. Vulnerability Insight: A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. (CVE-2014-9636 )A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. (CVE-2014-8139 )An integer underflow flaw, leading to a buffer overflow, was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. (CVE-2014-8140 )A buffer overflow flaw was found in the way unzip handled Zip64 files. A specially crafted Zip archive could possibly cause unzip to crash when the archive was uncompressed. (CVE-2014-8141 ) Solution: Run yum update unzip to update your system. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-8139 http://www.ocert.org/advisories/ocert-2014-011.html http://www.securitytracker.com/id/1031433 https://access.redhat.com/errata/RHSA-2015:0700 https://bugzilla.redhat.com/show_bug.cgi?id=1174844 Common Vulnerability Exposure (CVE) ID: CVE-2014-8141 https://bugzilla.redhat.com/show_bug.cgi?id=1174856 Common Vulnerability Exposure (CVE) ID: CVE-2014-8140 https://bugzilla.redhat.com/show_bug.cgi?id=1174851 Common Vulnerability Exposure (CVE) ID: CVE-2014-9636 BugTraq ID: 71825 http://www.securityfocus.com/bid/71825 Debian Security Information: DSA-3152 (Google Search) http://www.debian.org/security/2015/dsa-3152 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148792.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148849.html https://security.gentoo.org/glsa/201611-01 http://seclists.org/oss-sec/2014/q4/489 http://seclists.org/oss-sec/2014/q4/496 http://seclists.org/oss-sec/2015/q1/216 http://seclists.org/oss-sec/2014/q4/1131 http://secunia.com/advisories/62738 http://secunia.com/advisories/62751 http://www.ubuntu.com/usn/USN-2489-1 |
Copyright | Copyright (C) 2015 Eero Volotinen |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |