Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2015.0485
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2015-0485)
Zusammenfassung:	The remote host is missing an update for the 'proftpd' package(s) announced via the MGASA-2015-0485 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'proftpd' package(s) announced via the MGASA-2015-0485 advisory. Vulnerability Insight: Updated proftpd packages fix security vulnerability: Part of the SFTP handshake involves 'extensions', which are key/value pairs, comprised of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The mod_sftp module currently places no bounds/length limitations when reading these SFTP extension key/value data from the network. A malicious attacker might attempt to encode large values, and allocate more memory than is necessary, causing excessive resource usage or the FTP daemon to crash (proftpd#4210). This update also includes a fix for a crash in mod_lang (proftpd#4206). Affected Software/OS: 'proftpd' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.