Red Hat Local Security Checks : RedHat Update for powerpc-utils-python RHSA-2016:2607-02

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.871697

Kategorie: Red Hat Local Security Checks

Titel: RedHat Update for powerpc-utils-python RHSA-2016:2607-02

Zusammenfassung: The remote host is missing an update for the 'powerpc-utils-python'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'powerpc-utils-python'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The powerpc-utils-python packages provide
Python-based utilities for maintaining and servicing PowerPC systems.

Security Fix(es):

* It was found that the amsvis command of the powerpc-utils-python package
did not verify unpickled data before processing it. This could allow an
attacker who can connect to an amsvis server process (or cause an amsvis
client process to connect to them) to execute arbitrary code as the user
running the amsvis process. (CVE-2014-8165)

This issue was discovered by Dhiru Kholia of Red Hat Product Security.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section.

Affected Software/OS:
powerpc-utils-python on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-8165
BugTraq ID: 72537
http://www.securityfocus.com/bid/72537
http://sourceforge.net/p/powerpc-utils/mailman/message/32884230/
http://www.openwall.com/lists/oss-security/2015/02/09/4
RedHat Security Advisories: RHSA-2016:2607
http://rhn.redhat.com/errata/RHSA-2016-2607.html
XForce ISS Database: powerpcutils-cve20148165-code-exec(100788)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100788

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.871697
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Update for powerpc-utils-python RHSA-2016:2607-02
Zusammenfassung:	The remote host is missing an update for the 'powerpc-utils-python'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'powerpc-utils-python' package(s) announced via the referenced advisory. Vulnerability Insight: The powerpc-utils-python packages provide Python-based utilities for maintaining and servicing PowerPC systems. Security Fix(es): * It was found that the amsvis command of the powerpc-utils-python package did not verify unpickled data before processing it. This could allow an attacker who can connect to an amsvis server process (or cause an amsvis client process to connect to them) to execute arbitrary code as the user running the amsvis process. (CVE-2014-8165) This issue was discovered by Dhiru Kholia of Red Hat Product Security. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section. Affected Software/OS: powerpc-utils-python on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8165 BugTraq ID: 72537 http://www.securityfocus.com/bid/72537 http://sourceforge.net/p/powerpc-utils/mailman/message/32884230/ http://www.openwall.com/lists/oss-security/2015/02/09/4 RedHat Security Advisories: RHSA-2016:2607 http://rhn.redhat.com/errata/RHSA-2016-2607.html XForce ISS Database: powerpcutils-cve20148165-code-exec(100788) https://exchange.xforce.ibmcloud.com/vulnerabilities/100788
Copyright	Copyright (C) 2016 Greenbone Networks GmbH