 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2017.0290 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2017-0290) |
| Zusammenfassung: | The remote host is missing an update for the 'ruby' package(s) announced via the MGASA-2017-0290 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'ruby' package(s) announced via the MGASA-2017-0290 advisory. Vulnerability Insight: It was discovered that Ruby Net::SMTP incorrectly handled CRLF sequences. A remote attacker could possibly use this issue to inject SMTP commands. (CVE-2015-9096) Marcin Noga discovered that Ruby incorrectly handled certain arguments in a TclTkIp class method. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-2337) It was discovered that Ruby Fiddle::Function.new incorrectly handled certain arguments. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-2339) Affected Software/OS: 'ruby' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-9096 Debian Security Information: DSA-3966 (Google Search) https://www.debian.org/security/2017/dsa-3966 http://www.mbsd.jp/Whitepaper/smtpi.pdf https://github.com/ruby/ruby/commit/0827a7e52ba3d957a634b063bf5a391239b9ffee https://github.com/rubysec/ruby-advisory-db/issues/215 https://hackerone.com/reports/137631 https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2337 BugTraq ID: 91233 http://www.securityfocus.com/bid/91233 https://security.gentoo.org/glsa/201710-18 http://www.talosintelligence.com/reports/TALOS-2016-0031/ https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2339 BugTraq ID: 91234 http://www.securityfocus.com/bid/91234 http://www.talosintelligence.com/reports/TALOS-2016-0034/ |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |