Test Kennung:	1.3.6.1.4.1.25623.1.0.72174
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 2545-1 (qemu)
Zusammenfassung:	The remote host is missing an update to qemu;announced via advisory DSA 2545-1.
Beschreibung:	Summary: The remote host is missing an update to qemu announced via advisory DSA 2545-1. Vulnerability Insight: Multiple vulnerabilities have been discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2652: The snapshot mode of QEMU (-snapshot) incorrectly handles temporary files used to store the current state, making it vulnerable to symlink attacks (including arbitrary file overwriting and guest information disclosure) due to a race condition. CVE-2012-3515: QEMU does not properly handle VT100 escape sequences when emulating certain devices with a virtual console backend. An attacker within a guest with access to the vulnerable virtual console could overwrite memory of QEMU and escalate privileges to that of the qemu process. For the stable distribution (squeeze), these problems have been fixed in version 0.12.5+dfsg-3squeeze2. For the testing distribution (wheezy), and the unstable distribution (sid), these problems will been fixed soon. Solution: We recommend that you upgrade your qemu packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2652 BugTraq ID: 53725 http://www.securityfocus.com/bid/53725 Debian Security Information: DSA-2545 (Google Search) http://www.debian.org/security/2012/dsa-2545 http://secunia.com/advisories/50132 http://secunia.com/advisories/50689 SuSE Security Announcement: SUSE-SU-2012:1202 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html http://www.ubuntu.com/usn/USN-1522-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-3515 BugTraq ID: 55413 http://www.securityfocus.com/bid/55413 Debian Security Information: DSA-2543 (Google Search) http://www.debian.org/security/2012/dsa-2543 http://security.gentoo.org/glsa/glsa-201309-24.xml https://security.gentoo.org/glsa/201604-03 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html http://www.openwall.com/lists/oss-security/2012/09/05/10 RedHat Security Advisories: RHSA-2012:1233 http://rhn.redhat.com/errata/RHSA-2012-1233.html RedHat Security Advisories: RHSA-2012:1234 http://rhn.redhat.com/errata/RHSA-2012-1234.html RedHat Security Advisories: RHSA-2012:1235 http://rhn.redhat.com/errata/RHSA-2012-1235.html RedHat Security Advisories: RHSA-2012:1236 http://rhn.redhat.com/errata/RHSA-2012-1236.html RedHat Security Advisories: RHSA-2012:1262 http://rhn.redhat.com/errata/RHSA-2012-1262.html RedHat Security Advisories: RHSA-2012:1325 http://rhn.redhat.com/errata/RHSA-2012-1325.html http://secunia.com/advisories/50472 http://secunia.com/advisories/50528 http://secunia.com/advisories/50530 http://secunia.com/advisories/50632 http://secunia.com/advisories/50860 http://secunia.com/advisories/50913 http://secunia.com/advisories/51413 http://secunia.com/advisories/55082 SuSE Security Announcement: SUSE-SU-2012:1129 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html SuSE Security Announcement: SUSE-SU-2012:1132 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html SuSE Security Announcement: SUSE-SU-2012:1133 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html SuSE Security Announcement: SUSE-SU-2012:1135 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html SuSE Security Announcement: SUSE-SU-2012:1162 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html SuSE Security Announcement: SUSE-SU-2012:1203 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00026.html SuSE Security Announcement: SUSE-SU-2012:1205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00027.html SuSE Security Announcement: SUSE-SU-2012:1320 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html SuSE Security Announcement: openSUSE-SU-2012:1153 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00051.html SuSE Security Announcement: openSUSE-SU-2012:1170 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00016.html SuSE Security Announcement: openSUSE-SU-2012:1172 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:1174 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html SuSE Security Announcement: openSUSE-SU-2012:1572 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:1573 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html http://www.ubuntu.com/usn/USN-1590-1
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.