Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.130099
Kategorie:Mageia Linux Local Security Checks
Titel:Mageia Linux Local Check: mgasa-2015-0279
Zusammenfassung:Mageia Linux Local Security Checks mgasa-2015-0279
Beschreibung:Summary:
Mageia Linux Local Security Checks mgasa-2015-0279

Vulnerability Insight:
The mariadb package has been updated to versions 5.5.44 and 10.0.20 in Mageia 4 and Mageia 5, respectively. Both fix an issue where the client is vulnerable to a man-in-the-middle attack when using the --ssl option, where the SSL/TLS protection could be disabled (CVE-2015-3152). The Mageia 4 update also fixes other unspecified security issues, such as CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, and CVE-2015-4752. Refer to the Oracle Critical Patch Update for details.

Solution:
Update the affected packages to the latest available version.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-3152
BugTraq ID: 74398
http://www.securityfocus.com/bid/74398
Bugtraq: 20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade (Google Search)
http://www.securityfocus.com/archive/1/535397/100/1100/threaded
Debian Security Information: DSA-3311 (Google Search)
http://www.debian.org/security/2015/dsa-3311
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html
http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/
http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html
http://www.ocert.org/advisories/ocert-2015-003.html
https://www.duosecurity.com/blog/backronym-mysql-vulnerability
RedHat Security Advisories: RHSA-2015:1646
http://rhn.redhat.com/errata/RHSA-2015-1646.html
RedHat Security Advisories: RHSA-2015:1647
http://rhn.redhat.com/errata/RHSA-2015-1647.html
RedHat Security Advisories: RHSA-2015:1665
http://rhn.redhat.com/errata/RHSA-2015-1665.html
http://www.securitytracker.com/id/1032216
Common Vulnerability Exposure (CVE) ID: CVE-2015-2582
BugTraq ID: 75751
http://www.securityfocus.com/bid/75751
Debian Security Information: DSA-3308 (Google Search)
http://www.debian.org/security/2015/dsa-3308
https://security.gentoo.org/glsa/201610-06
RedHat Security Advisories: RHSA-2015:1628
http://rhn.redhat.com/errata/RHSA-2015-1628.html
RedHat Security Advisories: RHSA-2015:1629
http://rhn.redhat.com/errata/RHSA-2015-1629.html
RedHat Security Advisories: RHSA-2015:1630
http://rhn.redhat.com/errata/RHSA-2015-1630.html
http://www.securitytracker.com/id/1032911
SuSE Security Announcement: openSUSE-SU-2015:1629 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html
http://www.ubuntu.com/usn/USN-2674-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-2620
BugTraq ID: 75837
http://www.securityfocus.com/bid/75837
Common Vulnerability Exposure (CVE) ID: CVE-2015-2643
BugTraq ID: 75830
http://www.securityfocus.com/bid/75830
Common Vulnerability Exposure (CVE) ID: CVE-2015-2648
BugTraq ID: 75822
http://www.securityfocus.com/bid/75822
Common Vulnerability Exposure (CVE) ID: CVE-2015-4737
BugTraq ID: 75802
http://www.securityfocus.com/bid/75802
Common Vulnerability Exposure (CVE) ID: CVE-2015-4752
BugTraq ID: 75849
http://www.securityfocus.com/bid/75849
CopyrightCopyright (C) 2015 Eero Volotinen

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.