Test ID: 1.3.6.1.4.1.25623.1.1.10.2017.0454
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2017-0454)
Summary: The remote host is missing an update for the 'pcre' package(s) announced via the MGASA-2017-0454 advisory.
Description:

Vulnerability Insight:
The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE
through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version)
allows remote attackers to cause a denial of service (out-of-bounds read
and application crash) via a crafted regular expression (CVE-2017-6004).

A vulnerability was found in pcre caused by trying to find a Unicode
property for a code value greater than 0x10ffff, the Unicode maximum,
when running in non-UTF mode (where character values can be up to
0xffffffff) (CVE-2017-7186).

The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40
allows remote attackers to cause a denial of service (invalid memory
read) via a crafted file (CVE-2017-7244).

Stack-based buffer overflow in the pcre32_copy_substring function in
pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a
denial of service (WRITE of size 4) or possibly have unspecified other
impact via a crafted file (CVE-2017-7245).

Stack-based buffer overflow in the pcre32_copy_substring function in
pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a
denial of service (WRITE of size 268) or possibly have unspecified other
impact via a crafted file (CVE-2017-7246).

Affected Software/OS:
'pcre' package(s) on Mageia 5, Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-6004
BugTraq ID: 96295
http://www.securityfocus.com/bid/96295
https://security.gentoo.org/glsa/201706-11
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
RedHat Security Advisories: RHSA-2018:2486
https://access.redhat.com/errata/RHSA-2018:2486
http://www.securitytracker.com/id/1037850
Common Vulnerability Exposure (CVE) ID: CVE-2017-7186
BugTraq ID: 97030
http://www.securityfocus.com/bid/97030
https://security.gentoo.org/glsa/201710-09
https://security.gentoo.org/glsa/201710-25
https://blogs.gentoo.org/ago/2017/03/14/libpcre-invalid-memory-read-in-match-pcre_exec-c/
Common Vulnerability Exposure (CVE) ID: CVE-2017-7244
BugTraq ID: 97067
http://www.securityfocus.com/bid/97067
https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/
Common Vulnerability Exposure (CVE) ID: CVE-2017-7245
https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
Common Vulnerability Exposure (CVE) ID: CVE-2017-7246
Copyright: Copyright (C) 2022 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.