Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2018.0002
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2018-0002)
Zusammenfassung:	The remote host is missing an update for the 'ncurses' package(s) announced via the MGASA-2018-0002 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'ncurses' package(s) announced via the MGASA-2018-0002 advisory. Vulnerability Insight: Possible RCE via stack-based buffer overflow in the fmt_entry function (CVE-2017-10684). Possible RCE with format string vulnerability in the fmt_entry function (CVE-2017-10685). Illegal address access in append_acs (CVE-2017-11112). Dereferencing NULL pointer in _nc_parse_entry (CVE-2017-11113). Fix infinite loop in the next_char function in comp_scan.c (CVE-2017-13728). Fix illegal address access in the _nc_save_str (CVE-2017-13729). Fix illegal address access in the function _nc_read_entry_source() (CVE-2017-13730). Fix illegal address access in the function postprocess_termcap() (CVE-2017-13731). Fix illegal address access in the function dump_uses() (CVE-2017-13732). Fix illegal address access in the fmt_entry function (CVE-2017-13733). Fix stack-based buffer overflow in the _nc_write_entry() function (CVE-2017-16879). Affected Software/OS: 'ncurses' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-10684 https://security.gentoo.org/glsa/201804-13 https://bugzilla.redhat.com/show_bug.cgi?id=1464687 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2017-10685 https://bugzilla.redhat.com/show_bug.cgi?id=1464692 Common Vulnerability Exposure (CVE) ID: CVE-2017-11112 https://bugzilla.redhat.com/show_bug.cgi?id=1464686 Common Vulnerability Exposure (CVE) ID: CVE-2017-11113 https://bugzilla.redhat.com/show_bug.cgi?id=1464691 Common Vulnerability Exposure (CVE) ID: CVE-2017-13728 https://bugzilla.redhat.com/show_bug.cgi?id=1484274 Common Vulnerability Exposure (CVE) ID: CVE-2017-13729 https://bugzilla.redhat.com/show_bug.cgi?id=1484276 Common Vulnerability Exposure (CVE) ID: CVE-2017-13730 https://bugzilla.redhat.com/show_bug.cgi?id=1484284 Common Vulnerability Exposure (CVE) ID: CVE-2017-13731 https://bugzilla.redhat.com/show_bug.cgi?id=1484285 Common Vulnerability Exposure (CVE) ID: CVE-2017-13732 https://bugzilla.redhat.com/show_bug.cgi?id=1484287 Common Vulnerability Exposure (CVE) ID: CVE-2017-13733 https://bugzilla.redhat.com/show_bug.cgi?id=1484290 Common Vulnerability Exposure (CVE) ID: CVE-2017-16879 http://packetstormsecurity.com/files/145045/GNU-ncurses-6.0-tic-Denial-Of-Service.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.