Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2023.0017
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2023-0017)
Zusammenfassung:	The remote host is missing an update for the 'tor' package(s) announced via the MGASA-2023-0017 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tor' package(s) announced via the MGASA-2023-0017 advisory. Vulnerability Insight: SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. (CVE-2023-23589) Affected Software/OS: 'tor' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-23589 Debian Security Information: DSA-5320 (Google Search) https://www.debian.org/security/2023/dsa-5320 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYOLTP6HQO2HPXUYKOR7P5YYYN7CINQQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMY4FWXYKP3MDXTZ3EJ7XJVGBCKBK2XL/ https://security.gentoo.org/glsa/202305-11 https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc https://gitlab.torproject.org/tpo/core/tor/-/issues/40730 https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes https://lists.debian.org/debian-lts-announce/2023/01/msg00026.html
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.