Anfälligkeitssuche        Suche in 211766 CVE Beschreibungen
und 97459 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.4.2015.0439.1
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2015:0439-1)
Zusammenfassung:The remote host is missing an update for the 'glibc' package(s) announced via the SUSE-SU-2015:0439-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'glibc' package(s) announced via the SUSE-SU-2015:0439-1 advisory.

Vulnerability Insight:
glibc has ben updated to fix three security issues:

* CVE-2014-7817: wordexp failed to honour WRDE_NOCMD (bsc#906371)
* CVE-2013-7423: Fixed invalid file descriptor reuse while sending DNS
query (bsc#915526)
* CVE-2015-1472: Fixed buffer overflow in wscanf (bsc#916222)

These non-security issues have been fixed:

* Remove inaccurate assembler implementations of ceill, floorl,
nearbyintl, roundl, truncl for PowerPC64 (bsc#917072)
* Don't return IPv4 addresses when looking for IPv6 addresses only
(bsc#904461)

Security Issues:

* CVE-2015-1472
* CVE-2013-7423
* CVE-2014-7817
* CVE-2014-9402

Affected Software/OS:
'glibc' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP3, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Desktop 11 SP3

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-7423
BugTraq ID: 72844
http://www.securityfocus.com/bid/72844
https://security.gentoo.org/glsa/201602-02
http://www.openwall.com/lists/oss-security/2015/01/28/20
RedHat Security Advisories: RHSA-2015:0863
http://rhn.redhat.com/errata/RHSA-2015-0863.html
RedHat Security Advisories: RHSA-2016:1207
https://access.redhat.com/errata/RHSA-2016:1207
SuSE Security Announcement: openSUSE-SU-2015:0351 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html
http://www.ubuntu.com/usn/USN-2519-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7817
BugTraq ID: 71216
http://www.securityfocus.com/bid/71216
Debian Security Information: DSA-3142 (Google Search)
http://www.debian.org/security/2015/dsa-3142
https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html
http://seclists.org/oss-sec/2014/q4/730
RedHat Security Advisories: RHSA-2014:2023
http://rhn.redhat.com/errata/RHSA-2014-2023.html
http://secunia.com/advisories/62100
http://secunia.com/advisories/62146
http://www.ubuntu.com/usn/USN-2432-1
XForce ISS Database: gnu-glibc-cve20147817-command-exec(98852)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98852
Common Vulnerability Exposure (CVE) ID: CVE-2014-9402
BugTraq ID: 71670
http://www.securityfocus.com/bid/71670
Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series (Google Search)
https://seclists.org/bugtraq/2019/Jun/14
Bugtraq: 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X (Google Search)
https://seclists.org/bugtraq/2019/Sep/7
http://seclists.org/fulldisclosure/2019/Jun/18
http://seclists.org/fulldisclosure/2019/Sep/7
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://www.openwall.com/lists/oss-security/2014/12/18/1
RedHat Security Advisories: RHSA-2018:0805
https://access.redhat.com/errata/RHSA-2018:0805
Common Vulnerability Exposure (CVE) ID: CVE-2015-1472
BugTraq ID: 72428
http://www.securityfocus.com/bid/72428
https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html
http://openwall.com/lists/oss-security/2015/02/04/1
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 97459 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.