Debian Local Security Checks : Debian Security Advisory DSA 3653-1 (flex

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.703653

Categoría: Debian Local Security Checks

Título: Debian Security Advisory DSA 3653-1 (flex - security update)

Resumen: Alexander Sulfrian discovered a buffer;overflow in the yy_get_next_buffer() function generated by Flex, which may result;in denial of service and potentially the execution of code if operating on;data from untrusted sources.;;Affected applications need to be rebuild. bogofilter will be rebuild;against the updated flex in a followup update. Further affected;applications should be reported at the bug referenced above.

Descripción: Summary:
Alexander Sulfrian discovered a buffer
overflow in the yy_get_next_buffer() function generated by Flex, which may result
in denial of service and potentially the execution of code if operating on
data from untrusted sources.

Affected applications need to be rebuild. bogofilter will be rebuild
against the updated flex in a followup update. Further affected
applications should be reported at the bug referenced above.

Affected Software/OS:
flex on Debian Linux

Solution:
For the stable distribution (jessie),
this problem has been fixed in version 2.5.39-8+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 2.6.1-1.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.1-1.

We recommend that you upgrade your flex packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-6354
Debian Security Information: DSA-3653 (Google Search)
http://www.debian.org/security/2016/dsa-3653
https://security.gentoo.org/glsa/201701-31
http://www.openwall.com/lists/oss-security/2016/07/18/8
http://www.openwall.com/lists/oss-security/2016/07/26/12

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.703653
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 3653-1 (flex - security update)
Resumen:	Alexander Sulfrian discovered a buffer;overflow in the yy_get_next_buffer() function generated by Flex, which may result;in denial of service and potentially the execution of code if operating on;data from untrusted sources.;;Affected applications need to be rebuild. bogofilter will be rebuild;against the updated flex in a followup update. Further affected;applications should be reported at the bug referenced above.
Descripción:	Summary: Alexander Sulfrian discovered a buffer overflow in the yy_get_next_buffer() function generated by Flex, which may result in denial of service and potentially the execution of code if operating on data from untrusted sources. Affected applications need to be rebuild. bogofilter will be rebuild against the updated flex in a followup update. Further affected applications should be reported at the bug referenced above. Affected Software/OS: flex on Debian Linux Solution: For the stable distribution (jessie), this problem has been fixed in version 2.5.39-8+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 2.6.1-1. For the unstable distribution (sid), this problem has been fixed in version 2.6.1-1. We recommend that you upgrade your flex packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6354 Debian Security Information: DSA-3653 (Google Search) http://www.debian.org/security/2016/dsa-3653 https://security.gentoo.org/glsa/201701-31 http://www.openwall.com/lists/oss-security/2016/07/18/8 http://www.openwall.com/lists/oss-security/2016/07/26/12
Copyright	Copyright (C) 2016 Greenbone Networks GmbH