 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2020.0251 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2020-0251) |
| Zusammenfassung: | The remote host is missing an update for the 'openconnect' package(s) announced via the MGASA-2020-0251 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'openconnect' package(s) announced via the MGASA-2020-0251 advisory. Vulnerability Insight: Updated openconnect packages fix security vulnerabilities: OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks (CVE-2020-12105). OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c (CVE-2020-12823). The openconnect package has been updated to version 8.10, fixing these issues and other bugs. See the upstream changelog for details. Affected Software/OS: 'openconnect' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-12105 https://security.gentoo.org/glsa/202006-15 https://gitlab.com/openconnect/openconnect/-/merge_requests/96 SuSE Security Announcement: openSUSE-SU-2020:0694 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00039.html Common Vulnerability Exposure (CVE) ID: CVE-2020-12823 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYSXLXAPXD2T73T6JMHI5G2WP7KHAGMN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEVTIH5UFX35CC7MVSYBGRM3D66ACFD5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25MFX4AZE7RDCUWOL4ZOE73YBOPUMQDX/ https://bugs.gentoo.org/721570 https://gitlab.com/openconnect/openconnect/-/merge_requests/108 https://lists.debian.org/debian-lts-announce/2020/05/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0997 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00039.html SuSE Security Announcement: openSUSE-SU-2020:1027 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00056.html |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |