Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.812745
Kategorie:Mac OS X Local Security Checks
Titel:Microsoft PowerShell Core DoS And Security Feature Bypass Vulnerabilities (MacOSX)
Zusammenfassung:This host is missing an important security; update for PowerShell Core according to Microsoft security update January 2018.
Beschreibung:Summary:
This host is missing an important security
update for PowerShell Core according to Microsoft security update January 2018.

Vulnerability Insight:
Multiple flaws are due to,

- An error in the open source versions of PowerShell Core when improper
processing of XML documents by .NET Core occurs.

- An error in the open source versions of PowerShell Core where an attacker
could present a certificate that is marked invalid for a specific use,
but a .NET Core component uses it for that purpose. This action disregards
the Enhanced Key Usage tagging.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to cause a denial of service to an application using PowerShell
to process requests and also to bypass security.

Affected Software/OS:
PowerShell Core version 6.0.0 before 6.0.1

Solution:
Update PowerShell Core to version 6.0.1 or
later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-0764
BugTraq ID: 102387
http://www.securityfocus.com/bid/102387
RedHat Security Advisories: RHSA-2018:0379
https://access.redhat.com/errata/RHSA-2018:0379
http://www.securitytracker.com/id/1040152
Common Vulnerability Exposure (CVE) ID: CVE-2018-0786
BugTraq ID: 102380
http://www.securityfocus.com/bid/102380
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.