Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0042
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0042)
Zusammenfassung:	The remote host is missing an update for the 'springframework' package(s) announced via the MGASA-2014-0042 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'springframework' package(s) announced via the MGASA-2014-0042 advisory. Vulnerability Insight: Updated springframework packages fix security vulnerability: Alvaro Munoz discovered a XML External Entity (XXE) injection in the Spring Framework which can be used for conducting CSRF and DoS attacks on other sites (CVE-2013-4152). Affected Software/OS: 'springframework' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4152 BugTraq ID: 61951 http://www.securityfocus.com/bid/61951 Bugtraq: 20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework (Google Search) http://seclists.org/bugtraq/2013/Aug/154 Debian Security Information: DSA-2842 (Google Search) http://www.debian.org/security/2014/dsa-2842 http://seclists.org/fulldisclosure/2013/Nov/14 RedHat Security Advisories: RHSA-2014:0212 http://rhn.redhat.com/errata/RHSA-2014-0212.html RedHat Security Advisories: RHSA-2014:0245 http://rhn.redhat.com/errata/RHSA-2014-0245.html RedHat Security Advisories: RHSA-2014:0254 http://rhn.redhat.com/errata/RHSA-2014-0254.html RedHat Security Advisories: RHSA-2014:0400 http://rhn.redhat.com/errata/RHSA-2014-0400.html http://secunia.com/advisories/56247 http://secunia.com/advisories/57915
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.