Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2019.1425
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2019-1425)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'sqlite' package(s) announced via the EulerOS-SA-2019-1425 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'sqlite' package(s) announced via the EulerOS-SA-2019-1425 advisory. Vulnerability Insight: It was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3415) A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3414) A NULL pointer dereference vulnerability was found in SQLite. Loading a database whose schema was corrupted using a CREATE TABLE AS statement would result in a SQLite crash.(CVE-2018-8740) It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.(CVE-2015-3416) Affected Software/OS: 'sqlite' package(s) on Huawei EulerOS Virtualization 3.0.1.0. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3414 http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 74228 http://www.securityfocus.com/bid/74228 Debian Security Information: DSA-3252 (Google Search) http://www.debian.org/security/2015/dsa-3252 http://seclists.org/fulldisclosure/2015/Apr/31 https://security.gentoo.org/glsa/201507-05 http://www.mandriva.com/security/advisories?name=MDVSA-2015:217 RedHat Security Advisories: RHSA-2015:1635 http://rhn.redhat.com/errata/RHSA-2015-1635.html http://www.securitytracker.com/id/1033703 http://www.ubuntu.com/usn/USN-2698-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3415 Common Vulnerability Exposure (CVE) ID: CVE-2015-3416 RedHat Security Advisories: RHSA-2015:1634 http://rhn.redhat.com/errata/RHSA-2015-1634.html Common Vulnerability Exposure (CVE) ID: CVE-2018-8740 BugTraq ID: 103466 http://www.securityfocus.com/bid/103466 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6964 https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349 https://www.sqlite.org/cgi/src/timeline?r=corrupt-schema https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d&to=d75e67654aa9620b https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html SuSE Security Announcement: openSUSE-SU-2019:1426 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00050.html https://usn.ubuntu.com/4205-1/ https://usn.ubuntu.com/4394-1/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.