Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2017.0403
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2017-0403)
Zusammenfassung:	The remote host is missing an update for the 'lucene' package(s) announced via the MGASA-2017-0403 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'lucene' package(s) announced via the MGASA-2017-0403 advisory. Vulnerability Insight: It was found that the CoreParser class in Lucene accepts doctype declaration and expands external entities. An attacker could use this flaw to bypass security restrictions and access sensitive data (CVE-2017-12629). Affected Software/OS: 'lucene' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-12629 BugTraq ID: 101261 http://www.securityfocus.com/bid/101261 Debian Security Information: DSA-4124 (Google Search) https://www.debian.org/security/2018/dsa-4124 https://www.exploit-db.com/exploits/43009/ http://openwall.com/lists/oss-security/2017/10/13/1 https://twitter.com/ApacheSolr/status/918731485611401216 https://twitter.com/joshbressers/status/919258716297420802 https://twitter.com/searchtools_avi/status/918904813613543424 https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E https://s.apache.org/FJDl https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E RedHat Security Advisories: RHSA-2017:3123 https://access.redhat.com/errata/RHSA-2017:3123 RedHat Security Advisories: RHSA-2017:3124 https://access.redhat.com/errata/RHSA-2017:3124 RedHat Security Advisories: RHSA-2017:3244 https://access.redhat.com/errata/RHSA-2017:3244 RedHat Security Advisories: RHSA-2017:3451 https://access.redhat.com/errata/RHSA-2017:3451 RedHat Security Advisories: RHSA-2017:3452 https://access.redhat.com/errata/RHSA-2017:3452 RedHat Security Advisories: RHSA-2018:0002 https://access.redhat.com/errata/RHSA-2018:0002 RedHat Security Advisories: RHSA-2018:0003 https://access.redhat.com/errata/RHSA-2018:0003 RedHat Security Advisories: RHSA-2018:0004 https://access.redhat.com/errata/RHSA-2018:0004 RedHat Security Advisories: RHSA-2018:0005 https://access.redhat.com/errata/RHSA-2018:0005 https://usn.ubuntu.com/4259-1/
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.