Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0256
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0256)
Zusammenfassung:	The remote host is missing an update for the 'tor' package(s) announced via the MGASA-2014-0256 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tor' package(s) announced via the MGASA-2014-0256 advisory. Vulnerability Insight: Update to version 0.2.4.22 which solves these major and security problems: - Block authority signing keys that were used on authorities vulnerable to the 'heartbleed' bug in OpenSSL (CVE-2014-0160). - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with acceptable strength and forward secrecy. - Relays now trust themselves to have a better view than clients of which TLS ciphersuites are better than others. - Clients now try to advertise the same list of ciphersuites as Firefox 28. For other changes see the upstream change log Affected Software/OS: 'tor' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0160 BugTraq ID: 66690 http://www.securityfocus.com/bid/66690 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Cert/CC Advisory: TA14-098A http://www.us-cert.gov/ncas/alerts/TA14-098A CERT/CC vulnerability note: VU#720951 http://www.kb.cert.org/vuls/id/720951 Cisco Security Advisory: 20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed Debian Security Information: DSA-2896 (Google Search) http://www.debian.org/security/2014/dsa-2896 http://www.exploit-db.com/exploits/32745 http://www.exploit-db.com/exploits/32764 http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html http://seclists.org/fulldisclosure/2014/Apr/91 http://seclists.org/fulldisclosure/2014/Apr/90 http://seclists.org/fulldisclosure/2014/Apr/109 http://seclists.org/fulldisclosure/2014/Apr/173 http://seclists.org/fulldisclosure/2014/Apr/190 http://seclists.org/fulldisclosure/2014/Dec/23 HPdes Security Advisory: HPSBGN03008 http://marc.info/?l=bugtraq&m=139774054614965&w=2 HPdes Security Advisory: HPSBGN03010 http://marc.info/?l=bugtraq&m=139774703817488&w=2 HPdes Security Advisory: HPSBGN03011 http://marc.info/?l=bugtraq&m=139833395230364&w=2 HPdes Security Advisory: HPSBHF03021 http://marc.info/?l=bugtraq&m=139835815211508&w=2 HPdes Security Advisory: HPSBHF03136 http://marc.info/?l=bugtraq&m=141287864628122&w=2 HPdes Security Advisory: HPSBHF03293 http://marc.info/?l=bugtraq&m=142660345230545&w=2 HPdes Security Advisory: HPSBMU02994 http://marc.info/?l=bugtraq&m=139757726426985&w=2 HPdes Security Advisory: HPSBMU02995 http://marc.info/?l=bugtraq&m=139722163017074&w=2 HPdes Security Advisory: HPSBMU02997 http://marc.info/?l=bugtraq&m=139757919027752&w=2 HPdes Security Advisory: HPSBMU02998 http://marc.info/?l=bugtraq&m=139757819327350&w=2 HPdes Security Advisory: HPSBMU02999 http://marc.info/?l=bugtraq&m=139765756720506&w=2 HPdes Security Advisory: HPSBMU03009 http://marc.info/?l=bugtraq&m=139905458328378&w=2 HPdes Security Advisory: HPSBMU03012 http://marc.info/?l=bugtraq&m=139808058921905&w=2 HPdes Security Advisory: HPSBMU03013 http://marc.info/?l=bugtraq&m=139824993005633&w=2 HPdes Security Advisory: HPSBMU03017 http://marc.info/?l=bugtraq&m=139817727317190&w=2 HPdes Security Advisory: HPSBMU03018 http://marc.info/?l=bugtraq&m=139817782017443&w=2 HPdes Security Advisory: HPSBMU03019 http://marc.info/?l=bugtraq&m=139817685517037&w=2 HPdes Security Advisory: HPSBMU03020 http://marc.info/?l=bugtraq&m=139836085512508&w=2 HPdes Security Advisory: HPSBMU03022 http://marc.info/?l=bugtraq&m=139869891830365&w=2 HPdes Security Advisory: HPSBMU03023 http://marc.info/?l=bugtraq&m=139843768401936&w=2 HPdes Security Advisory: HPSBMU03024 http://marc.info/?l=bugtraq&m=139889113431619&w=2 HPdes Security Advisory: HPSBMU03025 http://marc.info/?l=bugtraq&m=139869720529462&w=2 HPdes Security Advisory: HPSBMU03028 http://marc.info/?l=bugtraq&m=139905243827825&w=2 HPdes Security Advisory: HPSBMU03029 http://marc.info/?l=bugtraq&m=139905202427693&w=2 HPdes Security Advisory: HPSBMU03030 http://marc.info/?l=bugtraq&m=139905351928096&w=2 HPdes Security Advisory: HPSBMU03032 http://marc.info/?l=bugtraq&m=139905405728262&w=2 HPdes Security Advisory: HPSBMU03033 http://marc.info/?l=bugtraq&m=139905295427946&w=2 HPdes Security Advisory: HPSBMU03037 http://marc.info/?l=bugtraq&m=140724451518351&w=2 HPdes Security Advisory: HPSBMU03040 http://marc.info/?l=bugtraq&m=140015787404650&w=2 HPdes Security Advisory: HPSBMU03044 http://marc.info/?l=bugtraq&m=140075368411126&w=2 HPdes Security Advisory: HPSBMU03062 http://marc.info/?l=bugtraq&m=140752315422991&w=2 HPdes Security Advisory: HPSBPI03014 http://marc.info/?l=bugtraq&m=139835844111589&w=2 HPdes Security Advisory: HPSBPI03031 http://marc.info/?l=bugtraq&m=139889295732144&w=2 HPdes Security Advisory: HPSBST03000 https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken HPdes Security Advisory: HPSBST03001 http://marc.info/?l=bugtraq&m=139758572430452&w=2 HPdes Security Advisory: HPSBST03004 http://marc.info/?l=bugtraq&m=139905653828999&w=2 HPdes Security Advisory: HPSBST03015 http://marc.info/?l=bugtraq&m=139824923705461&w=2 HPdes Security Advisory: HPSBST03016 http://marc.info/?l=bugtraq&m=139842151128341&w=2 HPdes Security Advisory: HPSBST03027 http://marc.info/?l=bugtraq&m=139905868529690&w=2 HPdes Security Advisory: SSRT101846 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/ http://heartbleed.com/ https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 https://gist.github.com/chapmajs/10473815 https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html https://www.cert.fi/en/reports/2014/vulnerability788210.html https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2014:0376 http://rhn.redhat.com/errata/RHSA-2014-0376.html RedHat Security Advisories: RHSA-2014:0377 http://rhn.redhat.com/errata/RHSA-2014-0377.html RedHat Security Advisories: RHSA-2014:0378 http://rhn.redhat.com/errata/RHSA-2014-0378.html RedHat Security Advisories: RHSA-2014:0396 http://rhn.redhat.com/errata/RHSA-2014-0396.html http://www.securitytracker.com/id/1030026 http://www.securitytracker.com/id/1030074 http://www.securitytracker.com/id/1030077 http://www.securitytracker.com/id/1030078 http://www.securitytracker.com/id/1030079 http://www.securitytracker.com/id/1030080 http://www.securitytracker.com/id/1030081 http://www.securitytracker.com/id/1030082 http://secunia.com/advisories/57347 http://secunia.com/advisories/57483 http://secunia.com/advisories/57721 http://secunia.com/advisories/57836 http://secunia.com/advisories/57966 http://secunia.com/advisories/57968 http://secunia.com/advisories/59139 http://secunia.com/advisories/59243 http://secunia.com/advisories/59347 SuSE Security Announcement: SUSE-SA:2014:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html SuSE Security Announcement: openSUSE-SU-2014:0492 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html SuSE Security Announcement: openSUSE-SU-2014:0560 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html http://www.ubuntu.com/usn/USN-2165-1
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.