English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.10.2020.0108
Kategorie:Mageia Linux Local Security Checks
Titel:Mageia: Security Advisory (MGASA-2020-0108)
Zusammenfassung:The remote host is missing an update for the 'rsync' package(s) announced via the MGASA-2020-0108 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'rsync' package(s) announced via the MGASA-2020-0108 advisory.

Vulnerability Insight:
Updated rsync packages fix security vulnerabilities:

It was discovered that rsync incorrectly handled pointer arithmetic in
zlib. An attacker could use this issue to cause rsync to crash, resulting
in a denial of service, or possibly execute arbitrary code (CVE-2016-9840,
CVE-2016-9841)

It was discovered that rsync incorrectly handled vectors involving left
shifts of negative integers in zlib. An attacker could use this issue to
cause rsync to crash, resulting in a denial of service, or possibly
execute arbitrary code (CVE-2016-9842).

It was discovered that rsync incorrectly handled vectors involving big-
endian CRC calculation in zlib. An attacker could use this issue to cause
rsync to crash, resulting in a denial of service, or possibly execute
arbitrary code (CVE-2016-9843).

Please note, we now compile against system zlib. If rsync fails to sync
with older remote systems using compression (-z), you have either update
the remote host to a newer version or disable compression.

Affected Software/OS:
'rsync' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-9840
BugTraq ID: 95131
http://www.securityfocus.com/bid/95131
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://bugzilla.redhat.com/show_bug.cgi?id=1402345
https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0
https://support.apple.com/HT208112
https://support.apple.com/HT208113
https://support.apple.com/HT208115
https://support.apple.com/HT208144
https://security.gentoo.org/glsa/201701-56
https://security.gentoo.org/glsa/202007-54
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html
http://www.openwall.com/lists/oss-security/2016/12/05/21
RedHat Security Advisories: RHSA-2017:1220
https://access.redhat.com/errata/RHSA-2017:1220
RedHat Security Advisories: RHSA-2017:1221
https://access.redhat.com/errata/RHSA-2017:1221
RedHat Security Advisories: RHSA-2017:1222
https://access.redhat.com/errata/RHSA-2017:1222
RedHat Security Advisories: RHSA-2017:2999
https://access.redhat.com/errata/RHSA-2017:2999
RedHat Security Advisories: RHSA-2017:3046
https://access.redhat.com/errata/RHSA-2017:3046
RedHat Security Advisories: RHSA-2017:3047
https://access.redhat.com/errata/RHSA-2017:3047
RedHat Security Advisories: RHSA-2017:3453
https://access.redhat.com/errata/RHSA-2017:3453
http://www.securitytracker.com/id/1039427
SuSE Security Announcement: openSUSE-SU-2016:3202 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html
SuSE Security Announcement: openSUSE-SU-2017:0077 (Google Search)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html
SuSE Security Announcement: openSUSE-SU-2017:0080 (Google Search)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html
https://usn.ubuntu.com/4246-1/
https://usn.ubuntu.com/4292-1/
Common Vulnerability Exposure (CVE) ID: CVE-2016-9841
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://bugzilla.redhat.com/show_bug.cgi?id=1402346
https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
https://security.netapp.com/advisory/ntap-20171019-0001/
http://www.securitytracker.com/id/1039596
Common Vulnerability Exposure (CVE) ID: CVE-2016-9842
https://bugzilla.redhat.com/show_bug.cgi?id=1402348
https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
Common Vulnerability Exposure (CVE) ID: CVE-2016-9843
https://bugzilla.redhat.com/show_bug.cgi?id=1402351
https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811
https://security.netapp.com/advisory/ntap-20181018-0002/
http://www.securitytracker.com/id/1041888
CopyrightCopyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.