Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.871681
Kategorie:Red Hat Local Security Checks
Titel:RedHat Update for firewalld RHSA-2016:2597-02
Zusammenfassung:The remote host is missing an update for the 'firewalld'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'firewalld'
package(s) announced via the referenced advisory.

Vulnerability Insight:
firewalld is a firewall service daemon
that provides a dynamic customizable firewall with a D-Bus interface.

The following packages have been upgraded to a newer upstream version:
firewalld (0.4.3.2). (BZ#1302802)

Security Fix(es):

* A flaw was found in the way firewalld allowed certain firewall
configurations to be modified by unauthenticated users. Any locally logged
in user could use this flaw to tamper or change firewall settings.
(CVE-2016-5410)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section.

Affected Software/OS:
firewalld on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-5410
BugTraq ID: 92481
http://www.securityfocus.com/bid/92481
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJMYLGRVKIPJEI3VZJ4WQZT7FBQ5BKO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPM3GUQRU2KPRXDEQLAMCDQEAIARJSBT/
https://security.gentoo.org/glsa/201701-70
http://www.openwall.com/lists/oss-security/2016/08/16/3
RedHat Security Advisories: RHSA-2016:2597
http://rhn.redhat.com/errata/RHSA-2016-2597.html
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.