CentOS Local Security Checks : CentOS Update for procps-ng CESA-2018:1700 centos7

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882892

Categoría: CentOS Local Security Checks

Título: CentOS Update for procps-ng CESA-2018:1700 centos7

Resumen: Check the version of procps-ng

Descripción: Summary:
Check the version of procps-ng

Vulnerability Insight:
The procps-ng packages contain a set of system utilities that provide
system information, including ps, free, skill, pkill, pgrep, snice, tload,
top, uptime, vmstat, w, watch, and pwdx.

Security Fix(es):

* procps-ng, procps: Integer overflows leading to heap overflow in
file2strvec (CVE-2018-1124)

* procps-ng, procps: incorrect integer size in proc/alloc.* leading to
truncation / integer overflow issues (CVE-2018-1126)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Qualys Research Labs for reporting these
issues.

Affected Software/OS:
procps-ng on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-1124
BugTraq ID: 104214
http://www.securityfocus.com/bid/104214
Debian Security Information: DSA-4208 (Google Search)
https://www.debian.org/security/2018/dsa-4208
https://www.exploit-db.com/exploits/44806/
https://security.gentoo.org/glsa/201805-14
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html
http://seclists.org/oss-sec/2018/q2/122
RedHat Security Advisories: RHSA-2018:1700
https://access.redhat.com/errata/RHSA-2018:1700
RedHat Security Advisories: RHSA-2018:1777
https://access.redhat.com/errata/RHSA-2018:1777
RedHat Security Advisories: RHSA-2018:1820
https://access.redhat.com/errata/RHSA-2018:1820
RedHat Security Advisories: RHSA-2018:2267
https://access.redhat.com/errata/RHSA-2018:2267
RedHat Security Advisories: RHSA-2018:2268
https://access.redhat.com/errata/RHSA-2018:2268
RedHat Security Advisories: RHSA-2019:1944
https://access.redhat.com/errata/RHSA-2019:1944
RedHat Security Advisories: RHSA-2019:2401
https://access.redhat.com/errata/RHSA-2019:2401
http://www.securitytracker.com/id/1041057
SuSE Security Announcement: openSUSE-SU-2019:2376 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html
SuSE Security Announcement: openSUSE-SU-2019:2379 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html
https://usn.ubuntu.com/3658-1/
https://usn.ubuntu.com/3658-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-1126

Copyright Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882892
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for procps-ng CESA-2018:1700 centos7
Resumen:	Check the version of procps-ng
Descripción:	Summary: Check the version of procps-ng Vulnerability Insight: The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es): * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. Affected Software/OS: procps-ng on CentOS 7 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1124 BugTraq ID: 104214 http://www.securityfocus.com/bid/104214 Debian Security Information: DSA-4208 (Google Search) https://www.debian.org/security/2018/dsa-4208 https://www.exploit-db.com/exploits/44806/ https://security.gentoo.org/glsa/201805-14 https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html http://seclists.org/oss-sec/2018/q2/122 RedHat Security Advisories: RHSA-2018:1700 https://access.redhat.com/errata/RHSA-2018:1700 RedHat Security Advisories: RHSA-2018:1777 https://access.redhat.com/errata/RHSA-2018:1777 RedHat Security Advisories: RHSA-2018:1820 https://access.redhat.com/errata/RHSA-2018:1820 RedHat Security Advisories: RHSA-2018:2267 https://access.redhat.com/errata/RHSA-2018:2267 RedHat Security Advisories: RHSA-2018:2268 https://access.redhat.com/errata/RHSA-2018:2268 RedHat Security Advisories: RHSA-2019:1944 https://access.redhat.com/errata/RHSA-2019:1944 RedHat Security Advisories: RHSA-2019:2401 https://access.redhat.com/errata/RHSA-2019:2401 http://www.securitytracker.com/id/1041057 SuSE Security Announcement: openSUSE-SU-2019:2376 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html SuSE Security Announcement: openSUSE-SU-2019:2379 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html https://usn.ubuntu.com/3658-1/ https://usn.ubuntu.com/3658-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1126
Copyright	Copyright (C) 2018 Greenbone Networks GmbH