English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.10.2019.0251
Kategorie:Mageia Linux Local Security Checks
Titel:Mageia: Security Advisory (MGASA-2019-0251)
Zusammenfassung:The remote host is missing an update for the 'golang' package(s) announced via the MGASA-2019-0251 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'golang' package(s) announced via the MGASA-2019-0251 advisory.

Vulnerability Insight:
Updated golang packages fix security vulnerabilities:

Some HTTP/2 implementations are vulnerable to ping floods, potentially
leading to a denial of service. The attacker sends continual pings to an
HTTP/2 peer, causing the peer to build an internal queue of responses.
Depending on how efficiently this data is queued, this can consume excess
CPU, memory, or both (CVE-2019-9512)

Some HTTP/2 implementations are vulnerable to a reset flood, potentially
leading to a denial of service. The attacker opens a number of streams and
sends an invalid request over each stream that should solicit a stream of
RST_STREAM frames from the peer. Depending on how the peer queues the
RST_STREAM frames, this can consume excess memory, CPU, or both
(CVE-2019-9514).

net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed
hosts in URLs, leading to an authorization bypass in some applications.
This is related to a Host field with a suffix appearing in neither
Hostname() nor Port(), and is related to a non-numeric port number.
(CVE-2019-14809)

Affected Software/OS:
'golang' package(s) on Mageia 6, Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-14809
Bugtraq: 20190819 [SECURITY] [DSA 4503-1] golang-1.11 security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/31
Debian Security Information: DSA-4503 (Google Search)
https://www.debian.org/security/2019/dsa-4503
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7/
https://groups.google.com/forum/#!topic/golang-announce/0uuMm1BwpHE
RedHat Security Advisories: RHSA-2019:3433
https://access.redhat.com/errata/RHSA-2019:3433
SuSE Security Announcement: openSUSE-SU-2019:2000 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
SuSE Security Announcement: openSUSE-SU-2019:2056 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
SuSE Security Announcement: openSUSE-SU-2019:2072 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
SuSE Security Announcement: openSUSE-SU-2019:2085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
SuSE Security Announcement: openSUSE-SU-2019:2130 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9512
Bugtraq: 20190814 APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0 (Google Search)
https://seclists.org/bugtraq/2019/Aug/24
Bugtraq: 20190825 [SECURITY] [DSA 4508-1] h2o security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/43
Bugtraq: 20190910 [SECURITY] [DSA 4520-1] trafficserver security update (Google Search)
https://seclists.org/bugtraq/2019/Sep/18
CERT/CC vulnerability note: VU#605641
https://kb.cert.org/vuls/id/605641/
Debian Security Information: DSA-4508 (Google Search)
https://www.debian.org/security/2019/dsa-4508
Debian Security Information: DSA-4520 (Google Search)
https://www.debian.org/security/2019/dsa-4520
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
http://seclists.org/fulldisclosure/2019/Aug/16
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
http://www.openwall.com/lists/oss-security/2019/08/20/1
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
RedHat Security Advisories: RHSA-2019:2594
https://access.redhat.com/errata/RHSA-2019:2594
RedHat Security Advisories: RHSA-2019:2661
https://access.redhat.com/errata/RHSA-2019:2661
RedHat Security Advisories: RHSA-2019:2682
https://access.redhat.com/errata/RHSA-2019:2682
RedHat Security Advisories: RHSA-2019:2690
https://access.redhat.com/errata/RHSA-2019:2690
RedHat Security Advisories: RHSA-2019:2726
https://access.redhat.com/errata/RHSA-2019:2726
RedHat Security Advisories: RHSA-2019:2766
https://access.redhat.com/errata/RHSA-2019:2766
RedHat Security Advisories: RHSA-2019:2769
https://access.redhat.com/errata/RHSA-2019:2769
RedHat Security Advisories: RHSA-2019:2796
https://access.redhat.com/errata/RHSA-2019:2796
RedHat Security Advisories: RHSA-2019:2861
https://access.redhat.com/errata/RHSA-2019:2861
RedHat Security Advisories: RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2925
RedHat Security Advisories: RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2939
RedHat Security Advisories: RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2955
RedHat Security Advisories: RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:2966
RedHat Security Advisories: RHSA-2019:3131
https://access.redhat.com/errata/RHSA-2019:3131
RedHat Security Advisories: RHSA-2019:3245
https://access.redhat.com/errata/RHSA-2019:3245
RedHat Security Advisories: RHSA-2019:3265
https://access.redhat.com/errata/RHSA-2019:3265
RedHat Security Advisories: RHSA-2019:3892
https://access.redhat.com/errata/RHSA-2019:3892
RedHat Security Advisories: RHSA-2019:3906
https://access.redhat.com/errata/RHSA-2019:3906
RedHat Security Advisories: RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4018
RedHat Security Advisories: RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4019
RedHat Security Advisories: RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4020
RedHat Security Advisories: RHSA-2019:4021
https://access.redhat.com/errata/RHSA-2019:4021
RedHat Security Advisories: RHSA-2019:4040
https://access.redhat.com/errata/RHSA-2019:4040
RedHat Security Advisories: RHSA-2019:4041
https://access.redhat.com/errata/RHSA-2019:4041
RedHat Security Advisories: RHSA-2019:4042
https://access.redhat.com/errata/RHSA-2019:4042
RedHat Security Advisories: RHSA-2019:4045
https://access.redhat.com/errata/RHSA-2019:4045
RedHat Security Advisories: RHSA-2019:4269
https://access.redhat.com/errata/RHSA-2019:4269
RedHat Security Advisories: RHSA-2019:4273
https://access.redhat.com/errata/RHSA-2019:4273
RedHat Security Advisories: RHSA-2019:4352
https://access.redhat.com/errata/RHSA-2019:4352
RedHat Security Advisories: RHSA-2020:0406
https://access.redhat.com/errata/RHSA-2020:0406
RedHat Security Advisories: RHSA-2020:0727
https://access.redhat.com/errata/RHSA-2020:0727
SuSE Security Announcement: openSUSE-SU-2019:2114 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
SuSE Security Announcement: openSUSE-SU-2019:2115 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
https://usn.ubuntu.com/4308-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9514
Debian Security Information: DSA-4669 (Google Search)
https://www.debian.org/security/2020/dsa-4669
http://www.openwall.com/lists/oss-security/2023/10/18/8
CopyrightCopyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.