Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0330)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2019.0330

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2019-0330)

Zusammenfassung: The remote host is missing an update for the 'systemd' package(s) announced via the MGASA-2019-0330 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'systemd' package(s) announced via the MGASA-2019-0330 advisory.

Vulnerability Insight:
Updated systemd packages fix security vulnerability:

Nadav Markus from Palo Alto Networks discovered that systemd-resolved
does not enforce appropriate access controls on its D-Bus interface and
allows unprivileged users to execute methods that are meant to be
available only to privileged users. This can be exploited by local users
to modify the system's DNS resolver settings (CVE-2019-15718).

This update also adds various upstream fixes for networkd, resolved,
updates the manpages, fixing some logging messages and adds some missing
checks that can potentially be used to cause crashes or malfunction.

The syscall filter list has been updated to properly support newer glibc
and kernel features with seccomp and nspawn.

Affected Software/OS:
'systemd' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
3.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-15718
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIKGKXZ5OEGOEYURHLJHEMFYNLEGAW5B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRE5IS24XTF5WNZGH2L7GSQJKARBOEGL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2WNHRJW4XI6H5YMDG4BUFGPAXWUMUVG/
http://www.openwall.com/lists/oss-security/2019/09/03/1
https://bugzilla.redhat.com/show_bug.cgi?id=1746057
RedHat Security Advisories: RHSA-2019:3592
https://access.redhat.com/errata/RHSA-2019:3592
RedHat Security Advisories: RHSA-2019:3941
https://access.redhat.com/errata/RHSA-2019:3941

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2019.0330
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2019-0330)
Zusammenfassung:	The remote host is missing an update for the 'systemd' package(s) announced via the MGASA-2019-0330 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'systemd' package(s) announced via the MGASA-2019-0330 advisory. Vulnerability Insight: Updated systemd packages fix security vulnerability: Nadav Markus from Palo Alto Networks discovered that systemd-resolved does not enforce appropriate access controls on its D-Bus interface and allows unprivileged users to execute methods that are meant to be available only to privileged users. This can be exploited by local users to modify the system's DNS resolver settings (CVE-2019-15718). This update also adds various upstream fixes for networkd, resolved, updates the manpages, fixing some logging messages and adds some missing checks that can potentially be used to cause crashes or malfunction. The syscall filter list has been updated to properly support newer glibc and kernel features with seccomp and nspawn. Affected Software/OS: 'systemd' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 3.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15718 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIKGKXZ5OEGOEYURHLJHEMFYNLEGAW5B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRE5IS24XTF5WNZGH2L7GSQJKARBOEGL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2WNHRJW4XI6H5YMDG4BUFGPAXWUMUVG/ http://www.openwall.com/lists/oss-security/2019/09/03/1 https://bugzilla.redhat.com/show_bug.cgi?id=1746057 RedHat Security Advisories: RHSA-2019:3592 https://access.redhat.com/errata/RHSA-2019:3592 RedHat Security Advisories: RHSA-2019:3941 https://access.redhat.com/errata/RHSA-2019:3941
Copyright	Copyright (C) 2022 Greenbone AG