Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.851601 |
Categoría: | SuSE Local Security Checks |
Título: | openSUSE: Security Advisory for exim (openSUSE-SU-2017:2289-1) |
Resumen: | The remote host is missing an update for the 'exim'; package(s) announced via the referenced advisory. |
Descripción: | Summary: The remote host is missing an update for the 'exim' package(s) announced via the referenced advisory. Vulnerability Insight: This update for exim fixes the following issues: Changes in exim: - specify users with ref:mail, to make them dynamic. (boo#1046971) - CVE-2017-1000369: Fixed memory leaks that could be exploited to 'stack crash' local privilege escalation (boo#1044692) - Require user(mail) group(mail) to meet new users handling in TW. - Prerequire permissions (fixes rpmlint). - conditionally disable DANE on SuSE versions with OpenSSL 1.0 - CVE-2016-1531: when installed setuid root, allows local users to gain privileges via the perl_startup argument. - CVE-2016-9963: DKIM information leakage (boo#1015930) - Makefile tuning: + add sqlite support + disable WITH_OLD_DEMIME + enable AUTH_CYRUS_SASL + enable AUTH_TLS + enable SYSLOG_LONG_LINES + enable SUPPORT_PAM + MAX_NAMED_LIST=64 + enable EXPERIMENTAL_DMARC + enable EXPERIMENTAL_EVENT + enable EXPERIMENTAL_PROXY + enable EXPERIMENTAL_CERTNAMES + enable EXPERIMENTAL_DSN + enable EXPERIMENTAL_DANE + enable EXPERIMENTAL_SOCKS + enable EXPERIMENTAL_INTERNATIONAL Affected Software/OS: exim on openSUSE Leap 42.3, openSUSE Leap 42.2 Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1531 Debian Security Information: DSA-3517 (Google Search) http://www.debian.org/security/2016/dsa-3517 https://www.exploit-db.com/exploits/39535/ https://www.exploit-db.com/exploits/39549/ https://www.exploit-db.com/exploits/39702/ http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup http://www.securitytracker.com/id/1035512 SuSE Security Announcement: openSUSE-SU-2016:0721 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html http://www.ubuntu.com/usn/USN-2933-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-9963 BugTraq ID: 94947 http://www.securityfocus.com/bid/94947 Debian Security Information: DSA-3747 (Google Search) http://www.debian.org/security/2016/dsa-3747 http://www.securitytracker.com/id/1037484 http://www.ubuntu.com/usn/USN-3164-1 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |