Test Kennung:	1.3.6.1.4.1.25623.1.0.130099
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2015-0279)
Zusammenfassung:	The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2015-0279 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2015-0279 advisory. Vulnerability Insight: The mariadb package has been updated to versions 5.5.44 and 10.0.20 in Mageia 4 and Mageia 5, respectively. Both fix an issue where the client is vulnerable to a man-in-the-middle attack when using the --ssl option, where the SSL/TLS protection could be disabled (CVE-2015-3152). The Mageia 4 update also fixes other unspecified security issues, such as CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, and CVE-2015-4752. Refer to the Oracle Critical Patch Update for details. Affected Software/OS: 'mariadb' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2582 BugTraq ID: 75751 http://www.securityfocus.com/bid/75751 Debian Security Information: DSA-3308 (Google Search) http://www.debian.org/security/2015/dsa-3308 Debian Security Information: DSA-3311 (Google Search) http://www.debian.org/security/2015/dsa-3311 https://security.gentoo.org/glsa/201610-06 RedHat Security Advisories: RHSA-2015:1628 http://rhn.redhat.com/errata/RHSA-2015-1628.html RedHat Security Advisories: RHSA-2015:1629 http://rhn.redhat.com/errata/RHSA-2015-1629.html RedHat Security Advisories: RHSA-2015:1630 http://rhn.redhat.com/errata/RHSA-2015-1630.html RedHat Security Advisories: RHSA-2015:1646 http://rhn.redhat.com/errata/RHSA-2015-1646.html RedHat Security Advisories: RHSA-2015:1647 http://rhn.redhat.com/errata/RHSA-2015-1647.html RedHat Security Advisories: RHSA-2015:1665 http://rhn.redhat.com/errata/RHSA-2015-1665.html http://www.securitytracker.com/id/1032911 SuSE Security Announcement: openSUSE-SU-2015:1629 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html http://www.ubuntu.com/usn/USN-2674-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2620 BugTraq ID: 75837 http://www.securityfocus.com/bid/75837 Common Vulnerability Exposure (CVE) ID: CVE-2015-2643 BugTraq ID: 75830 http://www.securityfocus.com/bid/75830 Common Vulnerability Exposure (CVE) ID: CVE-2015-2648 BugTraq ID: 75822 http://www.securityfocus.com/bid/75822 Common Vulnerability Exposure (CVE) ID: CVE-2015-3152 BugTraq ID: 74398 http://www.securityfocus.com/bid/74398 Bugtraq: 20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade (Google Search) http://www.securityfocus.com/archive/1/535397/100/1100/threaded http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html http://www.ocert.org/advisories/ocert-2015-003.html https://www.duosecurity.com/blog/backronym-mysql-vulnerability http://www.securitytracker.com/id/1032216 Common Vulnerability Exposure (CVE) ID: CVE-2015-4737 BugTraq ID: 75802 http://www.securityfocus.com/bid/75802 Common Vulnerability Exposure (CVE) ID: CVE-2015-4752 BugTraq ID: 75849 http://www.securityfocus.com/bid/75849
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.