Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2014-1193)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123312

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2014-1193)

Resumen: The remote host is missing an update for the 'axis' package(s) announced via the ELSA-2014-1193 advisory.

Descripción: Summary:
The remote host is missing an update for the 'axis' package(s) announced via the ELSA-2014-1193 advisory.

Vulnerability Insight:
[0:1.2.1-7.5]
- Fix MITM security vulnerability
- Use GCJ friendly patch
- Resolves: CVE-2014-3596

[0:1.2.1-7.4]
- Fix MITM security vulnerability
- Resolves: CVE-2014-3596

Affected Software/OS:
'axis' package(s) on Oracle Linux 5, Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-3596
1030745
http://www.securitytracker.com/id/1030745
61222
http://secunia.com/advisories/61222
69295
http://www.securityfocus.com/bid/69295
RHSA-2014:1193
http://rhn.redhat.com/errata/RHSA-2014-1193.html
[axis-java-dev] 20190503 [jira] [Comment Edited] (AXIS-2905) Insecure certificate validation CVE-2014-3596
https://lists.apache.org/thread.html/de2af12dcaba653d02b03235327ca4aa930401813a3cced8e151d29c%40%3Cjava-dev.axis.apache.org%3E
[axis-java-dev] 20190503 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596
https://lists.apache.org/thread.html/44d4e88a5fa8ae60deb752029afe9054da87c5f859caf296fcf585e5%40%3Cjava-dev.axis.apache.org%3E
[axis-java-dev] 20190907 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596
https://lists.apache.org/thread.html/8aa25c99eeb0693fc229ec87d1423b5ed5d58558618706d8aba1d832%40%3Cjava-dev.axis.apache.org%3E
[axis-java-dev] 20190909 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596
https://lists.apache.org/thread.html/5e6c92145deddcecf70c3604041dcbd615efa2d37632fc2b9c367780%40%3Cjava-dev.axis.apache.org%3E
[axis-java-dev] 20190909 [jira] [Resolved] (AXIS-2905) Insecure certificate validation CVE-2014-3596
https://lists.apache.org/thread.html/a308887782e05da7cf692e4851ae2bd429a038570cbf594e6631cc8d%40%3Cjava-dev.axis.apache.org%3E
[oss-security] 20140820 CVE-2014-3596 - Apache Axis 1 vulnerable to MITM attack
http://www.openwall.com/lists/oss-security/2014/08/20/2
apache-axis-cve20143596-spoofing(95377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95377
http://linux.oracle.com/errata/ELSA-2014-1193.html
https://issues.apache.org/jira/browse/AXIS-2905
https://www.oracle.com/security-alerts/cpujan2020.html
openSUSE-SU-2019:1497
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00007.html
openSUSE-SU-2019:1526
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00022.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123312
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-1193)
Resumen:	The remote host is missing an update for the 'axis' package(s) announced via the ELSA-2014-1193 advisory.
Descripción:	Summary: The remote host is missing an update for the 'axis' package(s) announced via the ELSA-2014-1193 advisory. Vulnerability Insight: [0:1.2.1-7.5] - Fix MITM security vulnerability - Use GCJ friendly patch - Resolves: CVE-2014-3596 [0:1.2.1-7.4] - Fix MITM security vulnerability - Resolves: CVE-2014-3596 Affected Software/OS: 'axis' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3596 1030745 http://www.securitytracker.com/id/1030745 61222 http://secunia.com/advisories/61222 69295 http://www.securityfocus.com/bid/69295 RHSA-2014:1193 http://rhn.redhat.com/errata/RHSA-2014-1193.html [axis-java-dev] 20190503 [jira] [Comment Edited] (AXIS-2905) Insecure certificate validation CVE-2014-3596 https://lists.apache.org/thread.html/de2af12dcaba653d02b03235327ca4aa930401813a3cced8e151d29c%40%3Cjava-dev.axis.apache.org%3E [axis-java-dev] 20190503 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596 https://lists.apache.org/thread.html/44d4e88a5fa8ae60deb752029afe9054da87c5f859caf296fcf585e5%40%3Cjava-dev.axis.apache.org%3E [axis-java-dev] 20190907 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596 https://lists.apache.org/thread.html/8aa25c99eeb0693fc229ec87d1423b5ed5d58558618706d8aba1d832%40%3Cjava-dev.axis.apache.org%3E [axis-java-dev] 20190909 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596 https://lists.apache.org/thread.html/5e6c92145deddcecf70c3604041dcbd615efa2d37632fc2b9c367780%40%3Cjava-dev.axis.apache.org%3E [axis-java-dev] 20190909 [jira] [Resolved] (AXIS-2905) Insecure certificate validation CVE-2014-3596 https://lists.apache.org/thread.html/a308887782e05da7cf692e4851ae2bd429a038570cbf594e6631cc8d%40%3Cjava-dev.axis.apache.org%3E [oss-security] 20140820 CVE-2014-3596 - Apache Axis 1 vulnerable to MITM attack http://www.openwall.com/lists/oss-security/2014/08/20/2 apache-axis-cve20143596-spoofing(95377) https://exchange.xforce.ibmcloud.com/vulnerabilities/95377 http://linux.oracle.com/errata/ELSA-2014-1193.html https://issues.apache.org/jira/browse/AXIS-2905 https://www.oracle.com/security-alerts/cpujan2020.html openSUSE-SU-2019:1497 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00007.html openSUSE-SU-2019:1526 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00022.html
Copyright	Copyright (C) 2015 Greenbone AG