Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.703371 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian Security Advisory DSA 3371-1 (spice - security update) |
Zusammenfassung: | Frediano Ziglio of Red Hat discovered several vulnerabilities in spice,;a SPICE protocol client and server library. A malicious guest can;exploit these flaws to cause a denial of service (QEMU process crash),;execute arbitrary code on the host with the privileges of the hosting;QEMU process or read and write arbitrary memory locations on the host. |
Beschreibung: | Summary: Frediano Ziglio of Red Hat discovered several vulnerabilities in spice, a SPICE protocol client and server library. A malicious guest can exploit these flaws to cause a denial of service (QEMU process crash), execute arbitrary code on the host with the privileges of the hosting QEMU process or read and write arbitrary memory locations on the host. Affected Software/OS: spice on Debian Linux Solution: For the oldstable distribution (wheezy), these problems have been fixed in version 0.11.0-1+deb7u2. For the stable distribution (jessie), these problems have been fixed in version 0.12.5-1+deb8u2. For the unstable distribution (sid), these problems have been fixed in version 0.12.5-1.3. We recommend that you upgrade your spice packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-5260 BugTraq ID: 77019 http://www.securityfocus.com/bid/77019 Debian Security Information: DSA-3371 (Google Search) http://www.debian.org/security/2015/dsa-3371 https://security.gentoo.org/glsa/201606-05 http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html RedHat Security Advisories: RHSA-2015:1889 http://rhn.redhat.com/errata/RHSA-2015-1889.html RedHat Security Advisories: RHSA-2015:1890 http://rhn.redhat.com/errata/RHSA-2015-1890.html http://www.securitytracker.com/id/1033753 http://www.ubuntu.com/usn/USN-2766-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5261 http://www.openwall.com/lists/oss-security/2015/10/06/4 |
Copyright | Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |