Test ID: | 1.3.6.1.4.1.25623.1.1.4.2018.0119.1 |
Category: | SuSE Local Security Checks |
Title: | SUSE: Security Advisory (SUSE-SU-2018:0119-1) |
Summary: | The remote host is missing an update for the 'libical' package(s) announced via the SUSE-SU-2018:0119-1 advisory. |
Description: |
Summary: The remote host is missing an update for the 'libical' package(s) announced via the SUSE-SU-2018:0119-1 advisory.

Vulnerability Insight: This update for libical fixes the following issues:

Security issues fixed:
- CVE-2016-5823: The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. (bnc#986632)
- CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. (bsc#986639)
- CVE-2016-5825: The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. (bsc#986642)
- CVE-2016-5826: The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function. (bsc#986658)
- CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. (bsc#986631)
- CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. (bnc#1015964)

Bug fixes:
- libical crashes while parsing timezones (bsc#1044995)

Affected Software/OS: 'libical' package(s) on SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Software Development Kit 11-SP4.

Solution: Please install the updated package(s).

CVSS Score: 6.4
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P |
Cross-Reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-5823
- https://security.gentoo.org/glsa/201904-02
- http://www.openwall.com/lists/oss-security/2016/06/25/4

Common Vulnerability Exposure (CVE) ID: CVE-2016-5824
- BugTraq ID: 91459
- http://www.securityfocus.com/bid/91459
- https://security.gentoo.org/glsa/201904-07
- https://github.com/libical/libical/issues/235
- http://www.openwall.com/lists/oss-security/2017/01/20/16
- RedHat Security Advisories: RHSA-2019:0269
- https://access.redhat.com/errata/RHSA-2019:0269
- RedHat Security Advisories: RHSA-2019:0270
- https://access.redhat.com/errata/RHSA-2019:0270
- https://usn.ubuntu.com/3897-1/

Common Vulnerability Exposure (CVE) ID: CVE-2016-5825
- https://bugzilla.mozilla.org/show_bug.cgi?id=1280832

Common Vulnerability Exposure (CVE) ID: CVE-2016-5826
- https://bugzilla.mozilla.org/show_bug.cgi?id=1281041

Common Vulnerability Exposure (CVE) ID: CVE-2016-5827
- https://bugzilla.mozilla.org/show_bug.cgi?id=1281043

Common Vulnerability Exposure (CVE) ID: CVE-2016-9584
- BugTraq ID: 94948
- http://www.securityfocus.com/bid/94948
- http://www.openwall.com/lists/oss-security/2016/12/15/5 |
Copyright | Copyright (C) 2021 Greenbone Networks GmbH |