Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.120265 |
Kategorie: | Amazon Linux Local Security Checks |
Titel: | Amazon Linux: Security Advisory (ALAS-2015-598) |
Zusammenfassung: | The remote host is missing an update announced via the referenced Security Advisory. |
Beschreibung: | Summary: The remote host is missing an update announced via the referenced Security Advisory. Vulnerability Insight: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privileges of the user running grep. (CVE-2012-5667 )A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory. (CVE-2015-1345 ) Solution: Run yum update grep to update your system. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-5667 BugTraq ID: 57033 http://www.securityfocus.com/bid/57033 http://lists.gnu.org/archive/html/bug-grep/2012-12/msg00004.html http://openwall.com/lists/oss-security/2012/12/22/6 RedHat Security Advisories: RHSA-2015:1447 http://rhn.redhat.com/errata/RHSA-2015-1447.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1345 BugTraq ID: 72281 http://www.securityfocus.com/bid/72281 http://www.openwall.com/lists/oss-security/2015/01/22/10 SuSE Security Announcement: openSUSE-SU-2015:0243 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00037.html |
Copyright | Copyright (C) 2015 Eero Volotinen |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |