Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0012)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2019.0012

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2019-0012)

Zusammenfassung: The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory.

Vulnerability Insight:
Eyal Itkin discovered FreeRDP incorrectly handled certain stream
encodings. A malicious server could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code (CVE-2018-8784, CVE-2018-8785).

Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious
server could use this issue to cause FreeRDP to crash, resulting in a
denial of service, or possibly execute arbitrary code (CVE-2018-8786,
CVE-2018-8787).

Eyal Itkin discovered FreeRDP incorrectly handled certain stream
encodings. A malicious server could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code (CVE-2018-8788).

Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A
malicious server could use this issue to cause FreeRDP to crash,
resulting in a denial of service, or possibly execute arbitrary code
(CVE-2018-8789).

Affected Software/OS:
'freerdp' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-8784
BugTraq ID: 106938
http://www.securityfocus.com/bid/106938
https://usn.ubuntu.com/3845-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8785
Common Vulnerability Exposure (CVE) ID: CVE-2018-8786
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/
https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html
RedHat Security Advisories: RHSA-2019:0697
https://access.redhat.com/errata/RHSA-2019:0697
https://usn.ubuntu.com/3845-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8787
Common Vulnerability Exposure (CVE) ID: CVE-2018-8788
Common Vulnerability Exposure (CVE) ID: CVE-2018-8789

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2019.0012
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2019-0012)
Zusammenfassung:	The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory. Vulnerability Insight: Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8784, CVE-2018-8785). Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8786, CVE-2018-8787). Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8788). Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8789). Affected Software/OS: 'freerdp' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-8784 BugTraq ID: 106938 http://www.securityfocus.com/bid/106938 https://usn.ubuntu.com/3845-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8785 Common Vulnerability Exposure (CVE) ID: CVE-2018-8786 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/ https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html RedHat Security Advisories: RHSA-2019:0697 https://access.redhat.com/errata/RHSA-2019:0697 https://usn.ubuntu.com/3845-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8787 Common Vulnerability Exposure (CVE) ID: CVE-2018-8788 Common Vulnerability Exposure (CVE) ID: CVE-2018-8789
Copyright	Copyright (C) 2022 Greenbone AG