Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.841901
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for file USN-2278-1
Zusammenfassung:The remote host is missing an update for the 'file'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'file'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Mike Frysinger discovered that the file awk script detector
used multiple wildcard with unlimited repetitions. An attacker could use this
issue to cause file to consume resources, resulting in a denial of service.
(CVE-2013-7345)

Francisco Alonso discovered that file incorrectly handled certain CDF
documents. A attacker could use this issue to cause file to hang or crash,
resulting in a denial of service. (CVE-2014-0207, CVE-2014-3478,
CVE-2014-3479, CVE-2014-3480, CVE-2014-3487)

Jan Kaluž a discovered that file did not properly restrict the amount of
data read during regex searches. An attacker could use this issue to
cause file to consume resources, resulting in a denial of service.
(CVE-2014-3538)

Affected Software/OS:
file on Ubuntu 14.04 LTS,
Ubuntu 13.10,
Ubuntu 12.04 LTS,
Ubuntu 10.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-7345
Debian Security Information: DSA-2873 (Google Search)
http://www.debian.org/security/2014/dsa-2873
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0207
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
BugTraq ID: 68243
http://www.securityfocus.com/bid/68243
Debian Security Information: DSA-2974 (Google Search)
http://www.debian.org/security/2014/dsa-2974
Debian Security Information: DSA-3021 (Google Search)
http://www.debian.org/security/2014/dsa-3021
HPdes Security Advisory: HPSBUX03102
http://marc.info/?l=bugtraq&m=141017844705317&w=2
HPdes Security Advisory: SSRT101681
http://mx.gw.com/pipermail/file/2014/001553.html
RedHat Security Advisories: RHSA-2014:1766
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://secunia.com/advisories/59794
http://secunia.com/advisories/59831
SuSE Security Announcement: openSUSE-SU-2014:1236 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3478
BugTraq ID: 68239
http://www.securityfocus.com/bid/68239
RedHat Security Advisories: RHSA-2014:1327
http://rhn.redhat.com/errata/RHSA-2014-1327.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3479
BugTraq ID: 68241
http://www.securityfocus.com/bid/68241
Common Vulnerability Exposure (CVE) ID: CVE-2014-3480
BugTraq ID: 68238
http://www.securityfocus.com/bid/68238
Common Vulnerability Exposure (CVE) ID: CVE-2014-3487
BugTraq ID: 68120
http://www.securityfocus.com/bid/68120
Common Vulnerability Exposure (CVE) ID: CVE-2014-3538
BugTraq ID: 68348
http://www.securityfocus.com/bid/68348
Debian Security Information: DSA-3008 (Google Search)
http://www.debian.org/security/2014/dsa-3008
http://openwall.com/lists/oss-security/2014/06/30/7
RedHat Security Advisories: RHSA-2016:0760
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://secunia.com/advisories/60696
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.