Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2019.0045
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2019-0045)
Zusammenfassung:	The remote host is missing an update for the 'wavpack' package(s) announced via the MGASA-2019-0045 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'wavpack' package(s) announced via the MGASA-2019-0045 advisory. Vulnerability Insight: Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service (CVE-2018-6767). It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service (CVE-2018-7253). It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a denial of service (CVE-2018-7254). Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to execute arbitrary code or cause a denial of service (CVE-2018-10536, CVE-2018-10537). Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to cause a denial of service (CVE-2018-10538, CVE-2018-10539, CVE-2018-10540). It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service (CVE-2018-19840, CVE-2018-19841). Affected Software/OS: 'wavpack' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-10536 Bugtraq: 20191219 [slackware-security] wavpack (SSA:2019-353-01) (Google Search) https://seclists.org/bugtraq/2019/Dec/37 Debian Security Information: DSA-4197 (Google Search) https://www.debian.org/security/2018/dsa-4197 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA/ http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15 https://github.com/dbry/WavPack/issues/30 https://github.com/dbry/WavPack/issues/31 https://github.com/dbry/WavPack/issues/32 https://usn.ubuntu.com/3637-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-10537 Common Vulnerability Exposure (CVE) ID: CVE-2018-10538 https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d https://github.com/dbry/WavPack/issues/33 Common Vulnerability Exposure (CVE) ID: CVE-2018-10539 Common Vulnerability Exposure (CVE) ID: CVE-2018-10540 Common Vulnerability Exposure (CVE) ID: CVE-2018-19840 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZGXJUHCGQI6XKLCBUZHXPYIIWMFWA22/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WVVKOBJR5APOB3KWUWJ4UWQHUBZQL6C6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BLSOEVEKF4VNNVNZ2AN46BJUT4TGVWT/ https://security.gentoo.org/glsa/202007-19 https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51 https://github.com/dbry/WavPack/issues/53 https://lists.debian.org/debian-lts-announce/2021/01/msg00013.html SuSE Security Announcement: openSUSE-SU-2019:1145 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00029.html https://usn.ubuntu.com/3839-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-19841 https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b https://github.com/dbry/WavPack/issues/54 Common Vulnerability Exposure (CVE) ID: CVE-2018-6767 Debian Security Information: DSA-4125 (Google Search) https://www.debian.org/security/2018/dsa-4125 https://usn.ubuntu.com/3568-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7253 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889559 https://github.com/dbry/WavPack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec https://github.com/dbry/WavPack/issues/28 https://usn.ubuntu.com/3578-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7254 https://www.exploit-db.com/exploits/44154/ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274 https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e https://github.com/dbry/WavPack/issues/26
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.