Test Kennung:	1.3.6.1.4.1.25623.1.0.123289
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2014-1606)
Zusammenfassung:	The remote host is missing an update for the 'file' package(s) announced via the ELSA-2014-1606 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'file' package(s) announced via the ELSA-2014-1606 advisory. Vulnerability Insight: [5.04-21] - fix typographical error in changelog [5.04-20] - fix #1037279 - better patch for the bug from previous release [5.04-19] - fix #1037279 - display 'from' field on 32bit ppc core [5.04-18] - fix #664513 - trim white-spaces during ISO9660 detection [5.04-17] - fix CVE-2014-3479 (cdf_check_stream_offset boundary check) - fix CVE-2014-3480 (cdf_count_chain insufficient boundary check) - fix CVE-2014-0237 (cdf_unpack_summary_info() excessive looping DoS) - fix CVE-2014-0238 (CDF property info parsing nelements infinite loop) - fix CVE-2014-2270 (out-of-bounds access in search rules with offsets) - fix CVE-2014-1943 (unrestricted recursion in handling of indirect type rules) - fix CVE-2012-1571 (out of bounds read in CDF parser) [5.04-16] - fix #873997 - improve Minix detection pattern to fix false positives - fix #884396 - improve PBM pattern to fix misdetection with x86 boot sector - fix #980941 - improve Bio-Rad pattern to fix false positives - fix #849621 - tweak strength of XML, Latex and Python patterns to execute them in the proper order - fix #1067771 - detect qcow version 3 images - fix #1064463 - treat RRDTool files as binary files Affected Software/OS: 'file' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1571 Debian Security Information: DSA-2422 (Google Search) http://www.debian.org/security/2012/dsa-2422 http://www.mandriva.com/security/advisories?name=MDVSA-2012:035 http://mx.gw.com/pipermail/file/2012/000914.html http://www.ubuntu.com/usn/USN-2123-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-0237 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html BugTraq ID: 67759 http://www.securityfocus.com/bid/67759 Debian Security Information: DSA-3021 (Google Search) http://www.debian.org/security/2014/dsa-3021 RedHat Security Advisories: RHSA-2014:1765 http://rhn.redhat.com/errata/RHSA-2014-1765.html RedHat Security Advisories: RHSA-2014:1766 http://rhn.redhat.com/errata/RHSA-2014-1766.html http://secunia.com/advisories/59061 http://secunia.com/advisories/59329 http://secunia.com/advisories/59418 http://secunia.com/advisories/60998 SuSE Security Announcement: SUSE-SU-2014:0869 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0238 BugTraq ID: 67765 http://www.securityfocus.com/bid/67765 Common Vulnerability Exposure (CVE) ID: CVE-2014-1943 Debian Security Information: DSA-2861 (Google Search) http://www.debian.org/security/2014/dsa-2861 Debian Security Information: DSA-2868 (Google Search) http://www.debian.org/security/2014/dsa-2868 http://mx.gw.com/pipermail/file/2014/001330.html http://mx.gw.com/pipermail/file/2014/001334.html http://mx.gw.com/pipermail/file/2014/001337.html http://mx.gw.com/pipermail/file/2014/001327.html SuSE Security Announcement: openSUSE-SU-2014:0364 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html SuSE Security Announcement: openSUSE-SU-2014:0367 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00037.html http://www.ubuntu.com/usn/USN-2126-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-2270 Debian Security Information: DSA-2873 (Google Search) http://www.debian.org/security/2014/dsa-2873 https://security.gentoo.org/glsa/201503-08 http://seclists.org/oss-sec/2014/q1/473 http://seclists.org/oss-sec/2014/q1/504 http://seclists.org/oss-sec/2014/q1/505 SuSE Security Announcement: openSUSE-SU-2014:0435 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00084.html http://www.ubuntu.com/usn/USN-2162-1 http://www.ubuntu.com/usn/USN-2163-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3479 59794 http://secunia.com/advisories/59794 59831 http://secunia.com/advisories/59831 68241 http://www.securityfocus.com/bid/68241 APPLE-SA-2015-04-08-2 DSA-2974 http://www.debian.org/security/2014/dsa-2974 DSA-3021 HPSBUX03102 http://marc.info/?l=bugtraq&m=141017844705317&w=2 RHSA-2014:1765 RHSA-2014:1766 SSRT101681 [file] 20140612 file-5.19 is now available http://mx.gw.com/pipermail/file/2014/001553.html http://support.apple.com/kb/HT6443 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.php.net/ChangeLog-5.php https://bugs.php.net/bug.php?id=67411 https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67 https://support.apple.com/HT204659 openSUSE-SU-2014:1236 http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3480 68238 http://www.securityfocus.com/bid/68238 https://bugs.php.net/bug.php?id=67412 https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.