ID de Prueba:	1.3.6.1.4.1.25623.1.0.703593
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 3593-1 (libxml2 - security update)
Resumen:	Several vulnerabilities were discovered;in libxml2, a library providing support to read, modify and write XML and HTML;files. A remote attacker could provide a specially crafted XML or HTML file that,;when processed by an application using libxml2, would cause a denial-of-service;against the application, or potentially the execution of arbitrary code with the;privileges of the user running the application.
Descripción:	Summary: Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the application, or potentially the execution of arbitrary code with the privileges of the user running the application. Affected Software/OS: libxml2 on Debian Linux Solution: For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u2. We recommend that you upgrade your libxml2 packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8806 BugTraq ID: 82071 http://www.securityfocus.com/bid/82071 Debian Security Information: DSA-3593 (Google Search) https://www.debian.org/security/2016/dsa-3593 https://security.gentoo.org/glsa/201701-37 https://bugzilla.gnome.org/show_bug.cgi?id=749115 http://www.openwall.com/lists/oss-security/2016/02/03/5 http://www.ubuntu.com/usn/USN-2994-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-1762 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html BugTraq ID: 85059 http://www.securityfocus.com/bid/85059 RedHat Security Advisories: RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.securitytracker.com/id/1035353 Common Vulnerability Exposure (CVE) ID: CVE-2016-1833 http://lists.apple.com/archives/security-announce/2016/May/msg00001.html http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html BugTraq ID: 90691 http://www.securityfocus.com/bid/90691 https://bugs.chromium.org/p/project-zero/issues/detail?id=636 http://www.securitytracker.com/id/1035890 Common Vulnerability Exposure (CVE) ID: CVE-2016-1834 Common Vulnerability Exposure (CVE) ID: CVE-2016-1835 BugTraq ID: 90696 http://www.securityfocus.com/bid/90696 Common Vulnerability Exposure (CVE) ID: CVE-2016-1836 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2016-1837 Common Vulnerability Exposure (CVE) ID: CVE-2016-1838 https://bugs.chromium.org/p/project-zero/issues/detail?id=639 Common Vulnerability Exposure (CVE) ID: CVE-2016-1839 http://www.securitytracker.com/id/1038623 Common Vulnerability Exposure (CVE) ID: CVE-2016-1840 Common Vulnerability Exposure (CVE) ID: CVE-2016-2073 BugTraq ID: 85267 http://www.securityfocus.com/bid/85267 http://www.openwall.com/lists/oss-security/2016/01/25/6 http://www.openwall.com/lists/oss-security/2016/01/26/7 http://www.securitytracker.com/id/1035011 Common Vulnerability Exposure (CVE) ID: CVE-2016-3627 BugTraq ID: 84992 http://www.securityfocus.com/bid/84992 http://seclists.org/fulldisclosure/2016/May/10 http://www.openwall.com/lists/oss-security/2016/03/21/2 http://www.openwall.com/lists/oss-security/2016/03/21/3 http://www.securitytracker.com/id/1035335 SuSE Security Announcement: openSUSE-SU-2016:1298 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html SuSE Security Announcement: openSUSE-SU-2016:1446 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html Common Vulnerability Exposure (CVE) ID: CVE-2016-3705 BugTraq ID: 89854 http://www.securityfocus.com/bid/89854 Common Vulnerability Exposure (CVE) ID: CVE-2016-4447 BugTraq ID: 90864 http://www.securityfocus.com/bid/90864 http://www.openwall.com/lists/oss-security/2016/05/25/2 http://www.securitytracker.com/id/1036348 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722 Common Vulnerability Exposure (CVE) ID: CVE-2016-4449 BugTraq ID: 90865 http://www.securityfocus.com/bid/90865 http://jvn.jp/en/jp/JVN17535578/index.html http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html Common Vulnerability Exposure (CVE) ID: CVE-2016-4483 BugTraq ID: 90013 http://www.securityfocus.com/bid/90013 http://www.debian.org/security/2016/dsa-3593 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E http://www.openwall.com/lists/oss-security/2016/05/03/8 http://www.openwall.com/lists/oss-security/2016/05/04/7 http://www.openwall.com/lists/oss-security/2016/06/07/4 http://www.openwall.com/lists/oss-security/2016/06/07/5
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.