 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.891690 |
| Categoría: | Debian Local Security Checks |
| Título: | Debian LTS: Security Advisory for liblivemedia (DLA-1690-1) |
| Resumen: | Multiple vulnerabilities have been discovered in liblivemedia, the;LIVE555 RTSP server library:;;CVE-2019-6256;;liblivemedia servers with RTSP-over-HTTP tunneling enabled are;vulnerable to an invalid function pointer dereference. This issue;might happen during error handling when processing two GET and;POST requests being sent with identical x-sessioncookie within;the same TCP session and might be leveraged by remote attackers;to cause DoS.;;CVE-2019-7314;;liblivemedia servers with RTSP-over-HTTP tunneling enabled are;affected by a use-after-free vulnerability. This vulnerability;might be triggered by remote attackers to cause DoS (server crash);or possibly unspecified other impact. |
| Descripción: | Summary: Multiple vulnerabilities have been discovered in liblivemedia, the LIVE555 RTSP server library: CVE-2019-6256 liblivemedia servers with RTSP-over-HTTP tunneling enabled are vulnerable to an invalid function pointer dereference. This issue might happen during error handling when processing two GET and POST requests being sent with identical x-sessioncookie within the same TCP session and might be leveraged by remote attackers to cause DoS. CVE-2019-7314 liblivemedia servers with RTSP-over-HTTP tunneling enabled are affected by a use-after-free vulnerability. This vulnerability might be triggered by remote attackers to cause DoS (server crash) or possibly unspecified other impact. Affected Software/OS: liblivemedia on Debian Linux Solution: For Debian 8 'Jessie', these problems have been fixed in version 2014.01.13-1+deb8u2. We recommend that you upgrade your liblivemedia packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-6256 Bugtraq: 20190317 [SECURITY] [DSA 4408-1] liblivemedia security update (Google Search) https://seclists.org/bugtraq/2019/Mar/22 Debian Security Information: DSA-4408 (Google Search) https://www.debian.org/security/2019/dsa-4408 https://security.gentoo.org/glsa/202005-06 https://github.com/rgaufman/live555/issues/19 https://lists.debian.org/debian-lts-announce/2019/02/msg00037.html Common Vulnerability Exposure (CVE) ID: CVE-2019-7314 http://lists.live555.com/pipermail/live-devel/2019-February/021143.html http://www.live555.com/liveMedia/public/changelog.txt SuSE Security Announcement: openSUSE-SU-2019:1797 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00044.html SuSE Security Announcement: openSUSE-SU-2019:1880 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00024.html SuSE Security Announcement: openSUSE-SU-2020:0944 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00009.html |
| Copyright | Copyright (C) 2019 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |