|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2019:14033-1)|
|Summary:||The remote host is missing an update for the 'atftp' package(s) announced via the SUSE-SU-2019:14033-1 advisory.|
The remote host is missing an update for the 'atftp' package(s) announced via the SUSE-SU-2019:14033-1 advisory.
This update for atftp fixes the following issues:
Security issues fixed:
CVE-2019-11366: Fixed a denial of service caused by a NULL pointer
dereference because thread_list_mutex was not locked (bsc#1133145).
CVE-2019-11365: Fixed a buffer overflow which could lead to remote code
execution caused by an insecure use of strncpy() (bsc#1133114).
'atftp' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP3
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2019-11365|
Common Vulnerability Exposure (CVE) ID: CVE-2019-11366
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.