 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2017.0167 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2017-0167) |
| Zusammenfassung: | The remote host is missing an update for the 'lxc' package(s) announced via the MGASA-2017-0167 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'lxc' package(s) announced via the MGASA-2017-0167 advisory. Vulnerability Insight: Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container (CVE-2016-8649). Jann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A local attacker could possibly use this issue to create virtual network interfaces in network namespaces that they do not own (CVE-2017-5985). The lxc package has been updated to version 1.0.10 to fix these issues and other bugs. Affected Software/OS: 'lxc' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-8649 94498 http://www.securityfocus.com/bid/94498 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465 https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345 https://bugzilla.redhat.com/show_bug.cgi?id=1398242 https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c https://security-tracker.debian.org/tracker/CVE-2016-8649 Common Vulnerability Exposure (CVE) ID: CVE-2017-5985 BugTraq ID: 96777 http://www.securityfocus.com/bid/96777 https://lists.linuxcontainers.org/pipermail/lxc-devel/2017-March/015535.html http://www.openwall.com/lists/oss-security/2017/03/09/4 SuSE Security Announcement: openSUSE-SU-2019:1481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html http://www.ubuntu.com/usn/USN-3224-1 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |