ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2016.1011
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2016-1011)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'mariadb' package(s) announced via the EulerOS-SA-2016-1011 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'mariadb' package(s) announced via the EulerOS-SA-2016-1011 advisory. Vulnerability Insight: It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047) This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section.(CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0616) Affected Software/OS: 'mariadb' package(s) on Huawei EulerOS V2.0SP1. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-4792 BugTraq ID: 77171 http://www.securityfocus.com/bid/77171 Debian Security Information: DSA-3377 (Google Search) http://www.debian.org/security/2015/dsa-3377 Debian Security Information: DSA-3385 (Google Search) http://www.debian.org/security/2015/dsa-3385 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html RedHat Security Advisories: RHSA-2016:0534 http://rhn.redhat.com/errata/RHSA-2016-0534.html RedHat Security Advisories: RHSA-2016:0705 http://rhn.redhat.com/errata/RHSA-2016-0705.html RedHat Security Advisories: RHSA-2016:1132 https://access.redhat.com/errata/RHSA-2016:1132 RedHat Security Advisories: RHSA-2016:1480 http://rhn.redhat.com/errata/RHSA-2016-1480.html RedHat Security Advisories: RHSA-2016:1481 http://rhn.redhat.com/errata/RHSA-2016-1481.html http://www.securitytracker.com/id/1033894 SuSE Security Announcement: SUSE-SU-2016:0296 (Google Search) https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html SuSE Security Announcement: openSUSE-SU-2015:2244 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:2246 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html SuSE Security Announcement: openSUSE-SU-2016:0368 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html http://www.ubuntu.com/usn/USN-2781-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-4802 BugTraq ID: 77165 http://www.securityfocus.com/bid/77165 Common Vulnerability Exposure (CVE) ID: CVE-2015-4815 BugTraq ID: 77222 http://www.securityfocus.com/bid/77222 Common Vulnerability Exposure (CVE) ID: CVE-2015-4816 BugTraq ID: 77134 http://www.securityfocus.com/bid/77134 RedHat Security Advisories: RHSA-2015:1628 http://rhn.redhat.com/errata/RHSA-2015-1628.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4819 BugTraq ID: 77196 http://www.securityfocus.com/bid/77196 Common Vulnerability Exposure (CVE) ID: CVE-2015-4826 BugTraq ID: 77237 http://www.securityfocus.com/bid/77237 Common Vulnerability Exposure (CVE) ID: CVE-2015-4830 BugTraq ID: 77228 http://www.securityfocus.com/bid/77228 Common Vulnerability Exposure (CVE) ID: CVE-2015-4836 BugTraq ID: 77190 http://www.securityfocus.com/bid/77190 Common Vulnerability Exposure (CVE) ID: CVE-2015-4858 BugTraq ID: 77145 http://www.securityfocus.com/bid/77145 Common Vulnerability Exposure (CVE) ID: CVE-2015-4861 BugTraq ID: 77137 http://www.securityfocus.com/bid/77137 Common Vulnerability Exposure (CVE) ID: CVE-2015-4870 BugTraq ID: 77208 http://www.securityfocus.com/bid/77208 https://www.exploit-db.com/exploits/39867/ http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4879 BugTraq ID: 77140 http://www.securityfocus.com/bid/77140 Common Vulnerability Exposure (CVE) ID: CVE-2015-4913 BugTraq ID: 77153 http://www.securityfocus.com/bid/77153 Common Vulnerability Exposure (CVE) ID: CVE-2016-0505 BugTraq ID: 81088 http://www.securityfocus.com/bid/81088 Debian Security Information: DSA-3453 (Google Search) http://www.debian.org/security/2016/dsa-3453 Debian Security Information: DSA-3459 (Google Search) http://www.debian.org/security/2016/dsa-3459 http://www.securitytracker.com/id/1034708 SuSE Security Announcement: SUSE-SU-2016:1619 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html SuSE Security Announcement: SUSE-SU-2016:1620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html SuSE Security Announcement: openSUSE-SU-2016:0367 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html SuSE Security Announcement: openSUSE-SU-2016:0377 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html SuSE Security Announcement: openSUSE-SU-2016:1664 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html SuSE Security Announcement: openSUSE-SU-2016:1686 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://www.ubuntu.com/usn/USN-2881-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0546 BugTraq ID: 81066 http://www.securityfocus.com/bid/81066 Common Vulnerability Exposure (CVE) ID: CVE-2016-0596 BugTraq ID: 81130 http://www.securityfocus.com/bid/81130 Common Vulnerability Exposure (CVE) ID: CVE-2016-0597 BugTraq ID: 81151 http://www.securityfocus.com/bid/81151 Common Vulnerability Exposure (CVE) ID: CVE-2016-0598 BugTraq ID: 81182 http://www.securityfocus.com/bid/81182 Common Vulnerability Exposure (CVE) ID: CVE-2016-0600 BugTraq ID: 81188 http://www.securityfocus.com/bid/81188 Common Vulnerability Exposure (CVE) ID: CVE-2016-0606 Common Vulnerability Exposure (CVE) ID: CVE-2016-0608 BugTraq ID: 81226 http://www.securityfocus.com/bid/81226 Common Vulnerability Exposure (CVE) ID: CVE-2016-0609 BugTraq ID: 81258 http://www.securityfocus.com/bid/81258 Common Vulnerability Exposure (CVE) ID: CVE-2016-0616 BugTraq ID: 81176 http://www.securityfocus.com/bid/81176 Common Vulnerability Exposure (CVE) ID: CVE-2016-2047 BugTraq ID: 81810 http://www.securityfocus.com/bid/81810 Debian Security Information: DSA-3557 (Google Search) http://www.debian.org/security/2016/dsa-3557 http://www.openwall.com/lists/oss-security/2016/01/26/3 http://www.securitytracker.com/id/1035606 SuSE Security Announcement: SUSE-SU-2016:1279 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html SuSE Security Announcement: openSUSE-SU-2016:1332 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html http://www.ubuntu.com/usn/USN-2953-1 http://www.ubuntu.com/usn/USN-2954-1
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.