Mageia Linux Local Security Checks : Mageia Linux Local Check: mgasa-2015-0358

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.130031

Categoría: Mageia Linux Local Security Checks

Título: Mageia Linux Local Check: mgasa-2015-0358

Resumen: Mageia Linux Local Security Checks mgasa-2015-0358

Descripción: Summary:
Mageia Linux Local Security Checks mgasa-2015-0358

Vulnerability Insight:
Updated libxml2 packages fix security vulnerability: The xmlreader in libxml2 allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack (CVE-2015-1819). The libxml2 package has been patched to fix this issue, as well as two out-of-bounds read issues (bgo#744980, bgo#746048).

Solution:
Update the affected packages to the latest available version.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1819
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 75570
http://www.securityfocus.com/bid/75570
Debian Security Information: DSA-3430 (Google Search)
http://www.debian.org/security/2015/dsa-3430
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html
https://security.gentoo.org/glsa/201507-08
https://security.gentoo.org/glsa/201701-37
RedHat Security Advisories: RHSA-2015:1419
http://rhn.redhat.com/errata/RHSA-2015-1419.html
RedHat Security Advisories: RHSA-2015:2550
http://rhn.redhat.com/errata/RHSA-2015-2550.html
http://www.securitytracker.com/id/1034243
SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
http://www.ubuntu.com/usn/USN-2812-1

Copyright Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.130031
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia Linux Local Check: mgasa-2015-0358
Resumen:	Mageia Linux Local Security Checks mgasa-2015-0358
Descripción:	Summary: Mageia Linux Local Security Checks mgasa-2015-0358 Vulnerability Insight: Updated libxml2 packages fix security vulnerability: The xmlreader in libxml2 allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack (CVE-2015-1819). The libxml2 package has been patched to fix this issue, as well as two out-of-bounds read issues (bgo#744980, bgo#746048). Solution: Update the affected packages to the latest available version. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1819 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html BugTraq ID: 75570 http://www.securityfocus.com/bid/75570 Debian Security Information: DSA-3430 (Google Search) http://www.debian.org/security/2015/dsa-3430 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html https://security.gentoo.org/glsa/201507-08 https://security.gentoo.org/glsa/201701-37 RedHat Security Advisories: RHSA-2015:1419 http://rhn.redhat.com/errata/RHSA-2015-1419.html RedHat Security Advisories: RHSA-2015:2550 http://rhn.redhat.com/errata/RHSA-2015-2550.html http://www.securitytracker.com/id/1034243 SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html http://www.ubuntu.com/usn/USN-2812-1
Copyright	Copyright (C) 2015 Eero Volotinen