Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.703551 |
Categoría: | Debian Local Security Checks |
Título: | Debian Security Advisory DSA 3551-1 (fuseiso - security update) |
Resumen: | It was discovered that fuseiso,;a user-space implementation of the ISO 9660 file system based on FUSE,;contains several vulnerabilities.;;CVE-2015-8836;A stack-based buffer overflow may allow attackers who can trick a;user into mounting a crafted ISO 9660 file system to cause a;denial of service (crash), or, potentially, execute arbitrary;code.;;CVE-2015-8837;An integer overflow leads to a heap-based buffer overflow, which;allows an attacker (who can trick a user into mounting a crafted;ISO 9660 file system) to cause a denial of service (crash), or,;potentially, execute arbitrary code. |
Descripción: | Summary: It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities. CVE-2015-8836 A stack-based buffer overflow may allow attackers who can trick a user into mounting a crafted ISO 9660 file system to cause a denial of service (crash), or, potentially, execute arbitrary code. CVE-2015-8837 An integer overflow leads to a heap-based buffer overflow, which allows an attacker (who can trick a user into mounting a crafted ISO 9660 file system) to cause a denial of service (crash), or, potentially, execute arbitrary code. Affected Software/OS: fuseiso on Debian Linux Solution: For the oldstable distribution (wheezy), these problems have been fixed in version 20070708-3+deb7u1. The stable distribution (jessie) does not contain fuseiso packages. For the unstable distribution (sid), these problems have been fixed in version 20070708-3.2. We recommend that you upgrade your fuseiso packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-8836 Debian Security Information: DSA-3551 (Google Search) http://www.debian.org/security/2016/dsa-3551 http://www.openwall.com/lists/oss-security/2015/02/06/7 http://www.openwall.com/lists/oss-security/2015/02/23/9 Common Vulnerability Exposure (CVE) ID: CVE-2015-8837 https://security.gentoo.org/glsa/202007-20 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |