Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2017.0212
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2017-0212)
Zusammenfassung:	The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2017-0212 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2017-0212 advisory. Vulnerability Insight: GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. (CVE-2017-7869) GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. (CVE-2017-7507) Affected Software/OS: 'gnutls' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7507 99102 http://www.securityfocus.com/bid/99102 DSA-3884 http://www.debian.org/security/2017/dsa-3884 RHSA-2017:2292 https://access.redhat.com/errata/RHSA-2017:2292 https://www.gnutls.org/security.html#GNUTLS-SA-2017-4 Common Vulnerability Exposure (CVE) ID: CVE-2017-7869 BugTraq ID: 97040 http://www.securityfocus.com/bid/97040 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420 https://gitlab.com/gnutls/gnutls/commit/51464af713d71802e3c6d5ac15f1a95132a354fe RedHat Security Advisories: RHSA-2017:2292
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.