 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.130061 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2015-0322) |
| Zusammenfassung: | The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2015-0322 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2015-0322 advisory. Vulnerability Insight: It was reported that GnuTLS does not check whether the two signature algorithms match on certificate import (CVE-2015-0294). Kurt Roeckx discovered that decoding a specific certificate with very long DistinguishedName (DN) entries leads to double free. A remote attacker can take advantage of this flaw by creating a specially crafted certificate that, when processed by an application compiled against GnuTLS, could cause the application to crash resulting in a denial of service (CVE-2015-6251). Affected Software/OS: 'gnutls' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0294 http://www.debian.org/security/2015/dsa-3191 https://bugzilla.redhat.com/show_bug.cgi?id=1196323 https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff Common Vulnerability Exposure (CVE) ID: CVE-2015-6251 BugTraq ID: 76267 http://www.securityfocus.com/bid/76267 Debian Security Information: DSA-3334 (Google Search) http://www.debian.org/security/2015/dsa-3334 http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165286.html http://www.openwall.com/lists/oss-security/2015/08/10/1 http://www.openwall.com/lists/oss-security/2015/08/17/6 http://www.securitytracker.com/id/1033226 SuSE Security Announcement: openSUSE-SU-2015:1499 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-09/msg00001.html |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |