Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0002
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0002)
Zusammenfassung:	The remote host is missing an update for the 'xml-security' package(s) announced via the MGASA-2014-0002 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xml-security' package(s) announced via the MGASA-2014-0002 advisory. Vulnerability Insight: James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures (CVE-2013-2172). Affected Software/OS: 'xml-security' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2172 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities http://seclists.org/fulldisclosure/2014/Dec/23 http://www.securityfocus.com/archive/1/534161/100/0/threaded 54019 http://secunia.com/advisories/54019 60846 http://www.securityfocus.com/bid/60846 94651 http://www.osvdb.org/94651 DSA-3065 http://www.debian.org/security/2014/dsa-3065 RHSA-2013:1207 http://rhn.redhat.com/errata/RHSA-2013-1207.html RHSA-2013:1208 http://rhn.redhat.com/errata/RHSA-2013-1208.html RHSA-2013:1209 http://rhn.redhat.com/errata/RHSA-2013-1209.html RHSA-2013:1217 http://rhn.redhat.com/errata/RHSA-2013-1217.html RHSA-2013:1218 http://rhn.redhat.com/errata/RHSA-2013-1218.html RHSA-2013:1219 http://rhn.redhat.com/errata/RHSA-2013-1219.html RHSA-2013:1220 http://rhn.redhat.com/errata/RHSA-2013-1220.html RHSA-2013:1375 http://rhn.redhat.com/errata/RHSA-2013-1375.html RHSA-2013:1437 http://rhn.redhat.com/errata/RHSA-2013-1437.html RHSA-2013:1853 http://rhn.redhat.com/errata/RHSA-2013-1853.html RHSA-2014:0212 http://rhn.redhat.com/errata/RHSA-2014-0212.html USN-2028-1 http://www.ubuntu.com/usn/USN-2028-1 [santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E [santuario-commits] 20210917 svn commit: r1076843 - in /websites/production/santuario/content: cache/main.pageCache index.html javaindex.html secadv.data/CVE-2021-40690.txt.asc secadv.html https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java?r1=1353876&r2=1493772&pathrev=1493772&diff_format=h http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.