 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2016.0267 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2016-0267) |
| Zusammenfassung: | The remote host is missing an update for the 'php, php-timezonedb, timezone, xmlrpc-epi' package(s) announced via the MGASA-2016-0267 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'php, php-timezonedb, timezone, xmlrpc-epi' package(s) announced via the MGASA-2016-0267 advisory. Vulnerability Insight: Stack-based buffer overflow vulnerability in virtual_file_ex() (CVE-2016-6289). Use After Free in unserialize() with Unexpected Session Deserialization (CVE-2016-6290). Out of bound read in exif_process_IFD_in_MAKERNOTE() (CVE-2016-6291). NULL Pointer Dereference in exif_process_user_comment() (CVE-2016-6292). locale_accept_from_http() out-of-bounds access (CVE-2016-6294). Use After Free Vulnerability in SNMP with GC and unserialize() (CVE-2016-6295). heap-buffer-overflow (write) simplestring_addn() simplestring.c in php-xmlrpc (CVE-2016-6296). Stack-based buffer overflow vulnerability in php_stream_zip_opener() (CVE-2016-6297). The php package has been updated to version 5.6.24, fixing these issues and several other bugs. See the upstream ChangeLog for details. The CVE-2016-6296 issue was in the xmlrpc-epi library, which has been patched. Additionally, the timezone and php-timezonedb packages have been updated with the latest timezone data. Affected Software/OS: 'php, php-timezonedb, timezone, xmlrpc-epi' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-6289 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html BugTraq ID: 92074 http://www.securityfocus.com/bid/92074 Debian Security Information: DSA-3631 (Google Search) http://www.debian.org/security/2016/dsa-3631 https://security.gentoo.org/glsa/201611-22 http://fortiguard.com/advisory/fortinet-discovers-php-stack-based-buffer-overflow-vulnerabilities http://openwall.com/lists/oss-security/2016/07/24/2 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.securitytracker.com/id/1036430 Common Vulnerability Exposure (CVE) ID: CVE-2016-6290 BugTraq ID: 92097 http://www.securityfocus.com/bid/92097 Common Vulnerability Exposure (CVE) ID: CVE-2016-6291 BugTraq ID: 92073 http://www.securityfocus.com/bid/92073 Common Vulnerability Exposure (CVE) ID: CVE-2016-6292 BugTraq ID: 92078 http://www.securityfocus.com/bid/92078 Common Vulnerability Exposure (CVE) ID: CVE-2016-6294 BugTraq ID: 92115 http://www.securityfocus.com/bid/92115 Common Vulnerability Exposure (CVE) ID: CVE-2016-6295 BugTraq ID: 92094 http://www.securityfocus.com/bid/92094 Common Vulnerability Exposure (CVE) ID: CVE-2016-6296 BugTraq ID: 92095 http://www.securityfocus.com/bid/92095 https://lists.debian.org/debian-lts-announce/2019/11/msg00029.html http://www.ubuntu.com/usn/USN-3059-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-6297 BugTraq ID: 92099 http://www.securityfocus.com/bid/92099 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |