Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.843257 |
Kategorie: | Ubuntu Local Security Checks |
Titel: | Ubuntu Update for gdb USN-3367-1 |
Zusammenfassung: | The remote host is missing an update for the 'gdb'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'gdb' package(s) announced via the referenced advisory. Vulnerability Insight: Hanno Bck discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. (CVE-2014-8501) It was discovered that gdb incorrectly handled printing bad bytes in Intel Hex objects. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS. (CVE-2014-9939) It was discovered that gdb incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2226) It was discovered that gdb incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131) It was discovered that gdb incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service. (CVE-2016-4491) Affected Software/OS: gdb on Ubuntu 17.04, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-8501 BugTraq ID: 70866 http://www.securityfocus.com/bid/70866 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145742.html http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145328.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147354.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147346.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148427.html https://security.gentoo.org/glsa/201612-24 http://www.mandriva.com/security/advisories?name=MDVSA-2015:029 http://www.openwall.com/lists/oss-security/2014/10/26/3 http://www.openwall.com/lists/oss-security/2014/10/31/1 http://secunia.com/advisories/62241 http://secunia.com/advisories/62746 http://www.ubuntu.com/usn/USN-2496-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9939 http://www.openwall.com/lists/oss-security/2015/07/31/6 Common Vulnerability Exposure (CVE) ID: CVE-2016-2226 BugTraq ID: 90103 http://www.securityfocus.com/bid/90103 https://www.exploit-db.com/exploits/42386/ http://www.openwall.com/lists/oss-security/2016/05/05/5 Common Vulnerability Exposure (CVE) ID: CVE-2016-4487 BugTraq ID: 90025 http://www.securityfocus.com/bid/90025 Common Vulnerability Exposure (CVE) ID: CVE-2016-4488 Common Vulnerability Exposure (CVE) ID: CVE-2016-4489 BugTraq ID: 90017 http://www.securityfocus.com/bid/90017 Common Vulnerability Exposure (CVE) ID: CVE-2016-4490 BugTraq ID: 90019 http://www.securityfocus.com/bid/90019 Common Vulnerability Exposure (CVE) ID: CVE-2016-4492 BugTraq ID: 90014 http://www.securityfocus.com/bid/90014 https://gcc.gnu.org/ml/gcc-patches/2016-05/msg00223.html Common Vulnerability Exposure (CVE) ID: CVE-2016-4493 Common Vulnerability Exposure (CVE) ID: CVE-2016-6131 BugTraq ID: 91519 http://www.securityfocus.com/bid/91519 https://gcc.gnu.org/ml/gcc-patches/2016-06/msg02030.html http://www.openwall.com/lists/oss-security/2016/06/30/4 http://www.openwall.com/lists/oss-security/2016/06/30/7 Common Vulnerability Exposure (CVE) ID: CVE-2016-4491 BugTraq ID: 90016 http://www.securityfocus.com/bid/90016 https://gcc.gnu.org/ml/gcc-patches/2016-05/msg00105.html |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |