Test Kennung:	1.3.6.1.4.1.25623.1.0.122739
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-2155)
Zusammenfassung:	The remote host is missing an update for the 'file' package(s) announced via the ELSA-2015-2155 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'file' package(s) announced via the ELSA-2015-2155 advisory. Vulnerability Insight: [5.11-31] - fix #1255396 - Make the build ID output consistent with other tools [5.11-30] - fix CVE-2014-8116 - bump the acceptable ELF program headers count to 2048 [5.11-29] - fix #839229 - fix detection of version of XML files [5.11-28] - fix #839229 - fix detection of version of XML files [5.11-27] - fix CVE-2014-0207 - cdf_read_short_sector insufficient boundary check - fix CVE-2014-0237 - cdf_unpack_summary_info() excessive looping DoS - fix CVE-2014-0238 - CDF property info parsing nelements infinite loop - fix CVE-2014-3478 - mconvert incorrect handling of truncated pascal string - fix CVE-2014-3479 - fix extensive backtracking in regular expression - fix CVE-2014-3480 - cdf_count_chain insufficient boundary check - fix CVE-2014-3487 - cdf_read_property_info insufficient boundary check - fix CVE-2014-3538 - unrestricted regular expression matching - fix CVE-2014-3587 - fix cdf_read_property_info - fix CVE-2014-3710 - out-of-bounds read in elf note headers - fix CVE-2014-8116 - multiple denial of service issues (resource consumption) - fix CVE-2014-8117 - denial of service issue (resource consumption) - fix CVE-2014-9652 - out of bounds read in mconvert() - fix CVE-2014-9653 - malformed elf file causes access to uninitialized memory [5.11-26] - fix #1080452 - remove .orig files from magic directory [5.11-25] - fix #1224667, #1224668 - show additional info for Linux swap files [5.11-24] - fix #1064268 - fix stray return -1 [5.11-23] - fix #1094648 - improve Minix detection pattern to fix false positives - fix #1161912 - trim white-spaces during ISO9660 detection - fix #1157850 - fix detection of ppc64le ELF binaries - fix #1161911 - display 'from' field on 32bit ppc core - fix #1064167 - revert MAXMIME patch - fix #1064268 - detect Dwarf debuginfo as 'not stripped' - fix #1082689 - fix invalid read when matched pattern is the last one tried - fix #1080362 - remove deadcode and OFFSET_OOB redefinition [5.11-22] - fix #1067688 - add support for aarch64 ELF binaries Affected Software/OS: 'file' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0207 59794 http://secunia.com/advisories/59794 59831 http://secunia.com/advisories/59831 68243 http://www.securityfocus.com/bid/68243 APPLE-SA-2015-04-08-2 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html DSA-2974 http://www.debian.org/security/2014/dsa-2974 DSA-3021 http://www.debian.org/security/2014/dsa-3021 HPSBUX03102 http://marc.info/?l=bugtraq&m=141017844705317&w=2 RHSA-2014:1765 http://rhn.redhat.com/errata/RHSA-2014-1765.html RHSA-2014:1766 http://rhn.redhat.com/errata/RHSA-2014-1766.html SSRT101681 [file] 20140612 file-5.19 is now available http://mx.gw.com/pipermail/file/2014/001553.html http://support.apple.com/kb/HT6443 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.php.net/ChangeLog-5.php https://bugs.php.net/bug.php?id=67326 https://bugzilla.redhat.com/show_bug.cgi?id=1091842 https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391 https://support.apple.com/HT204659 openSUSE-SU-2014:1236 http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0237 BugTraq ID: 67759 http://www.securityfocus.com/bid/67759 Debian Security Information: DSA-3021 (Google Search) RedHat Security Advisories: RHSA-2014:1765 RedHat Security Advisories: RHSA-2014:1766 http://secunia.com/advisories/59061 http://secunia.com/advisories/59329 http://secunia.com/advisories/59418 http://secunia.com/advisories/60998 SuSE Security Announcement: SUSE-SU-2014:0869 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0238 BugTraq ID: 67765 http://www.securityfocus.com/bid/67765 Common Vulnerability Exposure (CVE) ID: CVE-2014-3478 68239 http://www.securityfocus.com/bid/68239 RHSA-2014:1327 http://rhn.redhat.com/errata/RHSA-2014-1327.html https://bugs.php.net/bug.php?id=67410 https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08 Common Vulnerability Exposure (CVE) ID: CVE-2014-3479 68241 http://www.securityfocus.com/bid/68241 https://bugs.php.net/bug.php?id=67411 https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67 Common Vulnerability Exposure (CVE) ID: CVE-2014-3480 68238 http://www.securityfocus.com/bid/68238 https://bugs.php.net/bug.php?id=67412 https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382 Common Vulnerability Exposure (CVE) ID: CVE-2014-3487 68120 http://www.securityfocus.com/bid/68120 https://bugs.php.net/bug.php?id=67413 https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d Common Vulnerability Exposure (CVE) ID: CVE-2014-3538 BugTraq ID: 68348 http://www.securityfocus.com/bid/68348 Debian Security Information: DSA-3008 (Google Search) http://www.debian.org/security/2014/dsa-3008 http://openwall.com/lists/oss-security/2014/06/30/7 RedHat Security Advisories: RHSA-2014:1327 RedHat Security Advisories: RHSA-2016:0760 http://rhn.redhat.com/errata/RHSA-2016-0760.html http://secunia.com/advisories/60696 Common Vulnerability Exposure (CVE) ID: CVE-2014-3587 BugTraq ID: 69325 http://www.securityfocus.com/bid/69325 RedHat Security Advisories: RHSA-2014:1326 http://rhn.redhat.com/errata/RHSA-2014-1326.html http://secunia.com/advisories/60609 http://www.ubuntu.com/usn/USN-2344-1 http://www.ubuntu.com/usn/USN-2369-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3710 BugTraq ID: 70807 http://www.securityfocus.com/bid/70807 Debian Security Information: DSA-3072 (Google Search) http://www.debian.org/security/2014/dsa-3072 FreeBSD Security Advisory: FreeBSD-SA-14:28 https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc https://security.gentoo.org/glsa/201503-03 https://security.gentoo.org/glsa/201701-42 RedHat Security Advisories: RHSA-2014:1767 http://rhn.redhat.com/errata/RHSA-2014-1767.html RedHat Security Advisories: RHSA-2014:1768 http://rhn.redhat.com/errata/RHSA-2014-1768.html http://www.securitytracker.com/id/1031344 http://secunia.com/advisories/60630 http://secunia.com/advisories/60699 http://secunia.com/advisories/61763 http://secunia.com/advisories/61970 http://secunia.com/advisories/61982 http://secunia.com/advisories/62347 http://secunia.com/advisories/62559 SuSE Security Announcement: openSUSE-SU-2014:1516 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html http://www.ubuntu.com/usn/USN-2391-1 http://www.ubuntu.com/usn/USN-2494-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-8116 BugTraq ID: 71700 http://www.securityfocus.com/bid/71700 http://seclists.org/oss-sec/2014/q4/1056 http://secunia.com/advisories/61944 http://secunia.com/advisories/62081 Common Vulnerability Exposure (CVE) ID: CVE-2014-8117 BugTraq ID: 71692 http://www.securityfocus.com/bid/71692 http://www.ubuntu.com/usn/USN-2535-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9652 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 72505 http://www.securityfocus.com/bid/72505 HPdes Security Advisory: HPSBMU03380 http://marc.info/?l=bugtraq&m=143748090628601&w=2 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://openwall.com/lists/oss-security/2015/02/05/12 RedHat Security Advisories: RHSA-2015:1053 http://rhn.redhat.com/errata/RHSA-2015-1053.html RedHat Security Advisories: RHSA-2015:1066 http://rhn.redhat.com/errata/RHSA-2015-1066.html RedHat Security Advisories: RHSA-2015:1135 http://rhn.redhat.com/errata/RHSA-2015-1135.html SuSE Security Announcement: SUSE-SU-2015:0424 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html SuSE Security Announcement: SUSE-SU-2015:0436 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html SuSE Security Announcement: openSUSE-SU-2015:0440 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2014-9653 BugTraq ID: 72516 http://www.securityfocus.com/bid/72516 Debian Security Information: DSA-3196 (Google Search) http://www.debian.org/security/2015/dsa-3196 http://mx.gw.com/pipermail/file/2014/001649.html http://openwall.com/lists/oss-security/2015/02/05/13 https://usn.ubuntu.com/3686-1/
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.