Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-1801)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.2.2019.1801

Kategorie: Huawei EulerOS Local Security Checks

Titel: Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-1801)

Zusammenfassung: The remote host is missing an update for the Huawei EulerOS 'patch' package(s) announced via the EulerOS-SA-2019-1801 advisory.

Beschreibung: Summary:
The remote host is missing an update for the Huawei EulerOS 'patch' package(s) announced via the EulerOS-SA-2019-1801 advisory.

Vulnerability Insight:
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.(CVE-2015-1395)

A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches.(CVE-2018-6952)

Affected Software/OS:
'patch' package(s) on Huawei EulerOS V2.0SP5.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:C/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-1395
BugTraq ID: 72846
http://www.securityfocus.com/bid/72846
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
http://www.openwall.com/lists/oss-security/2015/01/27/28
http://www.ubuntu.com/usn/USN-2651-1
Common Vulnerability Exposure (CVE) ID: CVE-2018-6952
BugTraq ID: 103047
http://www.securityfocus.com/bid/103047
https://security.gentoo.org/glsa/201904-17
https://savannah.gnu.org/bugs/index.php?53133
RedHat Security Advisories: RHSA-2019:2033
https://access.redhat.com/errata/RHSA-2019:2033

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2019.1801
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-1801)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'patch' package(s) announced via the EulerOS-SA-2019-1801 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'patch' package(s) announced via the EulerOS-SA-2019-1801 advisory. Vulnerability Insight: Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.(CVE-2015-1395) A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches.(CVE-2018-6952) Affected Software/OS: 'patch' package(s) on Huawei EulerOS V2.0SP5. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1395 BugTraq ID: 72846 http://www.securityfocus.com/bid/72846 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873 http://www.openwall.com/lists/oss-security/2015/01/27/28 http://www.ubuntu.com/usn/USN-2651-1 Common Vulnerability Exposure (CVE) ID: CVE-2018-6952 BugTraq ID: 103047 http://www.securityfocus.com/bid/103047 https://security.gentoo.org/glsa/201904-17 https://savannah.gnu.org/bugs/index.php?53133 RedHat Security Advisories: RHSA-2019:2033 https://access.redhat.com/errata/RHSA-2019:2033
Copyright	Copyright (C) 2020 Greenbone Networks GmbH