Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.831748 |
Kategorie: | Mandrake Local Security Checks |
Titel: | Mandriva Update for hostapd MDVSA-2012:168 (hostapd) |
Zusammenfassung: | The remote host is missing an update for the 'hostapd'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'hostapd' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been discovered and corrected in hostapd: hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials (CVE-2012-2389). Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small TLS Message Length value in an EAP-TLS message with the More Fragments flag set (CVE-2012-4445). The updated packages have been patched to correct these issues. Affected Software/OS: hostapd on Mandriva Linux 2011.0 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-2389 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:168 https://bugzilla.novell.com/show_bug.cgi?id=740964 https://bugzilla.redhat.com/show_bug.cgi?id=824660 http://www.openwall.com/lists/oss-security/2012/05/23/3 http://www.openwall.com/lists/oss-security/2012/05/23/13 http://www.openwall.com/lists/oss-security/2012/05/23/5 Common Vulnerability Exposure (CVE) ID: CVE-2012-4445 BugTraq ID: 55826 http://www.securityfocus.com/bid/55826 Debian Security Information: DSA-2557 (Google Search) http://www.debian.org/security/2012/dsa-2557 FreeBSD Security Advisory: FreeBSD-SA-12:07 http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt http://www.openwall.com/lists/oss-security/2012/10/08/3 http://osvdb.org/86051 http://www.securitytracker.com/id?1027808 http://secunia.com/advisories/50805 http://secunia.com/advisories/50888 XForce ISS Database: hostapd-eaptls-dos(79104) https://exchange.xforce.ibmcloud.com/vulnerabilities/79104 |
Copyright | Copyright (c) 2012 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |