ID de Prueba:	1.3.6.1.4.1.25623.1.0.105432
Categoría:	F5 Local Security Checks
Título:	F5 BIG-IP - Linux kernel vulnerability CVE-2014-9420
Resumen:	The remote host is missing a security patch.
Descripción:	Summary: The remote host is missing a security patch. Vulnerability Insight: The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image. (CVE-2014-9420) Vulnerability Impact: A local authenticated attacker may cause a denial-of-service (DoS) to the system by using a specially crafted ISO image. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9420 62801 http://secunia.com/advisories/62801 FEDORA-2015-0515 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html FEDORA-2015-0517 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html MDVSA-2015:058 http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 RHSA-2015:1081 http://rhn.redhat.com/errata/RHSA-2015-1081.html RHSA-2015:1137 http://rhn.redhat.com/errata/RHSA-2015-1137.html RHSA-2015:1138 http://rhn.redhat.com/errata/RHSA-2015-1138.html SUSE-SU-2015:0178 http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html USN-2490-1 http://www.ubuntu.com/usn/USN-2490-1 USN-2491-1 http://www.ubuntu.com/usn/USN-2491-1 USN-2492-1 http://www.ubuntu.com/usn/USN-2492-1 USN-2493-1 http://www.ubuntu.com/usn/USN-2493-1 USN-2515-1 http://www.ubuntu.com/usn/USN-2515-1 USN-2516-1 http://www.ubuntu.com/usn/USN-2516-1 USN-2517-1 http://www.ubuntu.com/usn/USN-2517-1 USN-2518-1 http://www.ubuntu.com/usn/USN-2518-1 [oss-security] 20141225 Re: CVE Request Linux kernel: fs: isofs: infinite loop in CE records http://www.openwall.com/lists/oss-security/2014/12/25/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f54e18f1b831c92f6512d2eedb224cd63d607d3d http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bugzilla.redhat.com/show_bug.cgi?id=1175235 https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d https://source.android.com/security/bulletin/2017-01-01.html openSUSE-SU-2015:0714 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.