Test Kennung:	1.3.6.1.4.1.25623.1.0.131093
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia Linux Local Check: mgasa-2015-0400
Zusammenfassung:	Mageia Linux Local Security Checks mgasa-2015-0400
Beschreibung:	Summary: Mageia Linux Local Security Checks mgasa-2015-0400 Vulnerability Insight: Multiple security issues in the DBMail driver for the password plugin, including buffer overflows (CVE-2015-2181) and the ability for a remote attacker to execute arbitrary shell commands as root (CVE-2015-2180). An authenticated user can download arbitrary files from the web server that the web server process has read access to, by uploading a vCard with a specially crafted POST (CVE-2015-5382). The roundcubemail package has been updated to version 1.0.6, fixing these issues and several other bugs, however the installer is currently known to be broken. Solution: Update the affected packages to the latest available version. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2180 BugTraq ID: 96387 http://www.securityfocus.com/bid/96387 Common Vulnerability Exposure (CVE) ID: CVE-2015-2181 BugTraq ID: 96391 http://www.securityfocus.com/bid/96391 Common Vulnerability Exposure (CVE) ID: CVE-2015-5382 http://www.openwall.com/lists/oss-security/2015/07/07/2 http://www.openwall.com/lists/oss-security/2015/07/07/3
Copyright	Copyright (C) 2015 Eero Volotinen

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.