Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.892551
Categoría:Debian Local Security Checks
Título:Debian LTS: Security Advisory for slirp (DLA-2551-1)
Resumen:The remote host is missing an update for the 'slirp'; package(s) announced via the DLA-2551-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'slirp'
package(s) announced via the DLA-2551-1 advisory.

Vulnerability Insight:
Two issues have been found in slirp, a SLIP/PPP emulator using a dial up
shell account.

CVE-2020-7039

Due to mismanagement of memory, a heap-based buffer overflow or
other out-of-bounds access might happen, which can lead to a DoS
or potential execute arbitrary code.

CVE-2020-8608

Prevent a buffer overflow vulnerability due to incorrect usage
of return values from snprintf.

Affected Software/OS:
'slirp' package(s) on Debian Linux.

Solution:
For Debian 9 stretch, these problems have been fixed in version
1:1.0.17-8+deb9u1.

We recommend that you upgrade your slirp packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-7039
Bugtraq: 20200203 [SECURITY] [DSA 4616-1] qemu security update (Google Search)
https://seclists.org/bugtraq/2020/Feb/0
Debian Security Information: DSA-4616 (Google Search)
https://www.debian.org/security/2020/dsa-4616
https://security.gentoo.org/glsa/202005-02
https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289
https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80
https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9
https://lists.debian.org/debian-lts-announce/2020/01/msg00022.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00036.html
https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html
RedHat Security Advisories: RHSA-2020:0348
https://access.redhat.com/errata/RHSA-2020:0348
RedHat Security Advisories: RHSA-2020:0775
https://access.redhat.com/errata/RHSA-2020:0775
SuSE Security Announcement: openSUSE-SU-2020:0468 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
https://usn.ubuntu.com/4283-1/
Common Vulnerability Exposure (CVE) ID: CVE-2020-8608
Debian Security Information: DSA-4733 (Google Search)
https://www.debian.org/security/2020/dsa-4733
https://security.gentoo.org/glsa/202003-66
https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0
https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
https://www.openwall.com/lists/oss-security/2020/02/06/2
https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.