Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2016.0244
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2016-0244)
Zusammenfassung:	The remote host is missing an update for the 'struts' package(s) announced via the MGASA-2016-0244 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'struts' package(s) announced via the MGASA-2016-0244 advisory. Vulnerability Insight: Updated struts packages fix security vulnerabilities: A vulnerability in Apache Struts 1 ActionForm allowing unintended remote operations against components on server memory, such as Servlets and ClassLoader, was found (CVE-2016-1181). It was reported that The Apache Struts 1 Validator contains a vulnerability where input validation configurations (validation rules, error messages, etc.) may be modified. This occurs when ValidatorForm and ValidatorActionForm (including its subclasses) are in the session scope (CVE-2016-1182). Affected Software/OS: 'struts' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1181 BugTraq ID: 91068 http://www.securityfocus.com/bid/91068 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://bugzilla.redhat.com/show_bug.cgi?id=1343538 https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8 https://security-tracker.debian.org/tracker/CVE-2016-1181 https://security.netapp.com/advisory/ntap-20180629-0006/ https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html http://jvn.jp/en/jp/JVN03188560/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096 https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html http://www.securitytracker.com/id/1036056 Common Vulnerability Exposure (CVE) ID: CVE-2016-1182 BugTraq ID: 91067 http://www.securityfocus.com/bid/91067 https://bugzilla.redhat.com/show_bug.cgi?id=1343540 https://security-tracker.debian.org/tracker/CVE-2016-1182 http://jvn.jp/en/jp/JVN65044642/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2016-000097
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.