Test Kennung:	1.3.6.1.4.1.25623.1.0.70607
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: libxml
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: libxml CVE-2009-2414 Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2414 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components http://www.securityfocus.com/archive/1/507985/100/0/threaded 35036 http://secunia.com/advisories/35036 36010 http://www.securityfocus.com/bid/36010 36207 http://secunia.com/advisories/36207 36338 http://secunia.com/advisories/36338 36417 http://secunia.com/advisories/36417 36631 http://secunia.com/advisories/36631 37346 http://secunia.com/advisories/37346 37471 http://secunia.com/advisories/37471 ADV-2009-2420 http://www.vupen.com/english/advisories/2009/2420 ADV-2009-3184 http://www.vupen.com/english/advisories/2009/3184 ADV-2009-3217 http://www.vupen.com/english/advisories/2009/3217 ADV-2009-3316 http://www.vupen.com/english/advisories/2009/3316 APPLE-SA-2009-11-09-1 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html APPLE-SA-2009-11-11-1 http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html APPLE-SA-2010-06-21-1 http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html DSA-1859 http://www.debian.org/security/2009/dsa-1859 FEDORA-2009-8491 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html FEDORA-2009-8498 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html FEDORA-2009-8580 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html SUSE-SR:2009:015 http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html USN-815-1 http://www.ubuntu.com/usn/USN-815-1 [debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html http://support.apple.com/kb/HT3937 http://support.apple.com/kb/HT3949 http://support.apple.com/kb/HT4225 http://www.cert.fi/en/reports/2009/vulnerability2009085.html http://www.codenomicon.com/labs/xml/ http://www.networkworld.com/columnists/2009/080509-xml-flaw.html http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html http://www.vmware.com/security/advisories/VMSA-2009-0016.html https://bugzilla.redhat.com/show_bug.cgi?id=515195 https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 oval:org.mitre.oval:def:10129 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10129 oval:org.mitre.oval:def:8639 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8639
Copyright	Copyright (C) 2012 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.