Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-2172)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122790

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2015-2172)

Resumen: The remote host is missing an update for the 'glibc' package(s) announced via the ELSA-2015-2172 advisory.

Descripción: Summary:
The remote host is missing an update for the 'glibc' package(s) announced via the ELSA-2015-2172 advisory.

Vulnerability Insight:
[2.17-106.0.1.1]
- Remove strstr and strcasestr implementations using sse4.2 instructions.
- Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and
1818483b15d22016b0eae41d37ee91cc87b37510 backported.

[2.17-106.1]
- Rebuild with corrected release.

[2.17-106]
- Add fix for CVE-2015-5277 (#1275920).

Affected Software/OS:
'glibc' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-5277
1034196
http://www.securitytracker.com/id/1034196
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
http://seclists.org/fulldisclosure/2019/Sep/7
https://seclists.org/bugtraq/2019/Sep/7
78092
http://www.securityfocus.com/bid/78092
GLSA-201702-11
https://security.gentoo.org/glsa/201702-11
RHSA-2015:2172
http://rhn.redhat.com/errata/RHSA-2015-2172.html
USN-2985-1
http://www.ubuntu.com/usn/USN-2985-1
USN-2985-2
http://www.ubuntu.com/usn/USN-2985-2
[libc-alpha] 20140909 The GNU C Library version 2.20 is now available
https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://bugzilla.redhat.com/show_bug.cgi?id=1262914
https://sourceware.org/bugzilla/show_bug.cgi?id=17079

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122790
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-2172)
Resumen:	The remote host is missing an update for the 'glibc' package(s) announced via the ELSA-2015-2172 advisory.
Descripción:	Summary: The remote host is missing an update for the 'glibc' package(s) announced via the ELSA-2015-2172 advisory. Vulnerability Insight: [2.17-106.0.1.1] - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. [2.17-106.1] - Rebuild with corrected release. [2.17-106] - Add fix for CVE-2015-5277 (#1275920). Affected Software/OS: 'glibc' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5277 1034196 http://www.securitytracker.com/id/1034196 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X http://seclists.org/fulldisclosure/2019/Sep/7 https://seclists.org/bugtraq/2019/Sep/7 78092 http://www.securityfocus.com/bid/78092 GLSA-201702-11 https://security.gentoo.org/glsa/201702-11 RHSA-2015:2172 http://rhn.redhat.com/errata/RHSA-2015-2172.html USN-2985-1 http://www.ubuntu.com/usn/USN-2985-1 USN-2985-2 http://www.ubuntu.com/usn/USN-2985-2 [libc-alpha] 20140909 The GNU C Library version 2.20 is now available https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html https://bugzilla.redhat.com/show_bug.cgi?id=1262914 https://sourceware.org/bugzilla/show_bug.cgi?id=17079
Copyright	Copyright (C) 2015 Greenbone AG