Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0442
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0442)
Zusammenfassung:	The remote host is missing an update for the 'apt' package(s) announced via the MGASA-2014-0442 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'apt' package(s) announced via the MGASA-2014-0442 advisory. Vulnerability Insight: The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the 'http' apt method binary, or potentially to arbitrary code execution (CVE-2014-6273). Also fixed is parsing of Mageia package index 'synthesis' files with lines longer than 64k characters. This is necessary for upgrading to the 'cauldron' development distro that will become Mageia 5. Note however that upgrading from Mageia 3 to Mageia 5 will not be supported. Affected Software/OS: 'apt' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6273 BugTraq ID: 70075 http://www.securityfocus.com/bid/70075 Debian Security Information: DSA-3031 (Google Search) http://www.debian.org/security/2014/dsa-3031 http://secunia.com/advisories/61605 http://secunia.com/advisories/61710 http://www.ubuntu.com/usn/USN-2353-1 XForce ISS Database: apt-cve20146273-bo(96151) https://exchange.xforce.ibmcloud.com/vulnerabilities/96151
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.