Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.892330 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian LTS: Security Advisory for jruby (DLA-2330-1) |
Zusammenfassung: | The remote host is missing an update for the 'jruby'; package(s) announced via the DLA-2330-1 advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'jruby' package(s) announced via the DLA-2330-1 advisory. Vulnerability Insight: Several vulnerabilities were fixed in JRuby, a 100% pure-Java implementation of Ruby. CVE-2017-17742 CVE-2019-16254 HTTP Response Splitting attacks in the HTTP server of WEBrick. CVE-2019-16201 Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication. CVE-2019-8320 Delete directory using symlink when decompressing tar. CVE-2019-8321 Escape sequence injection vulnerability in verbose. CVE-2019-8322 Escape sequence injection vulnerability in gem owner. CVE-2019-8323 Escape sequence injection vulnerability in API response handling. CVE-2019-8324 Installing a malicious gem may lead to arbitrary code execution. CVE-2019-8325 Escape sequence injection vulnerability in errors. CVE-2019-16255 Code injection vulnerability of Shell#[] and Shell#test. Affected Software/OS: 'jruby' package(s) on Debian Linux. Solution: For Debian 9 stretch, these problems have been fixed in version 1.7.26-1+deb9u2. We recommend that you upgrade your jruby packages. CVSS Score: 8.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-8320 https://hackerone.com/reports/317321 https://lists.debian.org/debian-lts-announce/2020/08/msg00027.html RedHat Security Advisories: RHSA-2019:1429 https://access.redhat.com/errata/RHSA-2019:1429 SuSE Security Announcement: openSUSE-SU-2019:1771 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html Common Vulnerability Exposure (CVE) ID: CVE-2019-8321 https://hackerone.com/reports/317330 Common Vulnerability Exposure (CVE) ID: CVE-2019-8322 https://hackerone.com/reports/315087 Common Vulnerability Exposure (CVE) ID: CVE-2019-8323 https://hackerone.com/reports/315081 Common Vulnerability Exposure (CVE) ID: CVE-2019-8324 https://hackerone.com/reports/328571 RedHat Security Advisories: RHSA-2019:1972 https://access.redhat.com/errata/RHSA-2019:1972 Common Vulnerability Exposure (CVE) ID: CVE-2019-8325 https://hackerone.com/reports/317353 |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |