ID de Prueba:	1.3.6.1.4.1.25623.1.0.123255
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-1826)
Resumen:	The remote host is missing an update for the 'libvncserver' package(s) announced via the ELSA-2014-1826 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvncserver' package(s) announced via the ELSA-2014-1826 advisory. Vulnerability Insight: [0.9.7-7.1] - Fix CVE-2014-6051 (integer overflow in screen size handling) (bug #1157668) - Fix CVE-2014-6052 (NULL pointer dereference in framebuffer setup) (bug #1157668) - Fix CVE-2014-6053 (NULL pointer dereference in ClientCutText message handling) (bug #1157668) - Fix CVE-2014-6054 (server divide-by-zero in scaling factor handling) (bug #1157668) - Fix CVE-2014-6055 (server stacked-based buffer overflow in file transfer handling) (bug #1157668) [0.9.7-7] - Revert CVE-2011-0904 and CVE-2011-0905 patch because libvncserver is not vulnerable (bug #696767) [0.9.7-6] - Fix CVE-2011-0904 and CVE-2011-0905 in more generic way (bug #696767) [0.9.7-5] - Fix CVE-2011-0904 (bug #696767) - Fix CVE-2011-0905 (bug #696767) Affected Software/OS: 'libvncserver' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6051 BugTraq ID: 70093 http://www.securityfocus.com/bid/70093 Debian Security Information: DSA-3081 (Google Search) http://www.debian.org/security/2014/dsa-3081 http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html https://security.gentoo.org/glsa/201507-07 https://security.gentoo.org/glsa/201612-36 http://www.ocert.org/advisories/ocert-2014-007.html https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html http://seclists.org/oss-sec/2014/q3/639 http://www.openwall.com/lists/oss-security/2014/09/25/11 RedHat Security Advisories: RHSA-2015:0113 http://rhn.redhat.com/errata/RHSA-2015-0113.html http://secunia.com/advisories/61506 SuSE Security Announcement: openSUSE-SU-2015:2207 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html https://usn.ubuntu.com/4587-1/ Common Vulnerability Exposure (CVE) ID: CVE-2014-6052 BugTraq ID: 70091 http://www.securityfocus.com/bid/70091 http://secunia.com/advisories/61682 http://ubuntu.com/usn/usn-2365-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-6053 https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html https://usn.ubuntu.com/4573-1/ Common Vulnerability Exposure (CVE) ID: CVE-2014-6054 BugTraq ID: 70094 http://www.securityfocus.com/bid/70094 http://www.ubuntu.com/usn/USN-2365-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-6055 BugTraq ID: 70096 http://www.securityfocus.com/bid/70096 XForce ISS Database: libvncserver-cve20146055-bo(96187) https://exchange.xforce.ibmcloud.com/vulnerabilities/96187
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.