ID de Prueba:	1.3.6.1.4.1.25623.1.0.105943
Categoría:	JunOS Local Security Checks
Título:	Juniper Networks Junos OS Multiple xml2 Vulnerabilities
Resumen:	Multiple vulnerabilities in the libxml version used by Junos OS.
Descripción:	Summary: Multiple vulnerabilities in the libxml version used by Junos OS. Vulnerability Insight: libxml2 has been updated from 2.7.6 to 2.9.1 in Junos OS to address multiple vulnerabilities. Vulnerability Impact: The vulnerabilities may lead to DoS attacks or arbitrary code execution. Affected Software/OS: Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.3 and 14.1 Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1944 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html BugTraq ID: 48056 http://www.securityfocus.com/bid/48056 Debian Security Information: DSA-2255 (Google Search) http://www.debian.org/security/2011/dsa-2255 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html HPdes Security Advisory: HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPdes Security Advisory: SSRT100877 http://www.mandriva.com/security/advisories?name=MDVSA-2011:131 http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html http://www.openwall.com/lists/oss-security/2011/05/31/8 http://www.osvdb.org/73248 http://www.redhat.com/support/errata/RHSA-2011-1749.html RedHat Security Advisories: RHSA-2013:0217 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.com/advisories/44711 SuSE Security Announcement: openSUSE-SU-2011:0839 (Google Search) http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html http://ubuntu.com/usn/usn-1153-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-5134 http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html BugTraq ID: 56684 http://www.securityfocus.com/bid/56684 Debian Security Information: DSA-2580 (Google Search) http://www.debian.org/security/2012/dsa-2580 http://www.mandriva.com/security/advisories?name=MDVSA-2013:056 RedHat Security Advisories: RHSA-2012:1512 http://rhn.redhat.com/errata/RHSA-2012-1512.html http://www.securitytracker.com/id?1027815 http://secunia.com/advisories/51448 http://secunia.com/advisories/54886 http://secunia.com/advisories/55568 SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html SuSE Security Announcement: openSUSE-SU-2012:1637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html SuSE Security Announcement: openSUSE-SU-2013:0178 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html http://www.ubuntu.com/usn/USN-1656-1 XForce ISS Database: google-libxml-buffer-underflow(80294) https://exchange.xforce.ibmcloud.com/vulnerabilities/80294 Common Vulnerability Exposure (CVE) ID: CVE-2012-0841 1026723 http://securitytracker.com/id?1026723 52107 http://www.securityfocus.com/bid/52107 54886 55568 APPLE-SA-2013-09-18-2 APPLE-SA-2013-10-22-8 DSA-2417 http://www.debian.org/security/2012/dsa-2417 MDVSA-2013:150 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 RHSA-2012:0324 http://rhn.redhat.com/errata/RHSA-2012-0324.html RHSA-2013:0217 SUSE-SU-2013:1627 [oss-security] 20120222 libxml2: hash table collisions CPU usage DoS http://www.openwall.com/lists/oss-security/2012/02/22/1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846 http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf http://xmlsoft.org/news.html https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of Common Vulnerability Exposure (CVE) ID: CVE-2013-2877 BugTraq ID: 61050 http://www.securityfocus.com/bid/61050 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-2724 (Google Search) http://www.debian.org/security/2013/dsa-2724 Debian Security Information: DSA-2779 (Google Search) http://www.debian.org/security/2013/dsa-2779 http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/54172 SuSE Security Announcement: openSUSE-SU-2013:1221 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00063.html SuSE Security Announcement: openSUSE-SU-2013:1246 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00077.html http://www.ubuntu.com/usn/USN-1904-1 http://www.ubuntu.com/usn/USN-1904-2 Common Vulnerability Exposure (CVE) ID: CVE-2013-0338 52662 http://secunia.com/advisories/52662 DSA-2652 http://www.debian.org/security/2013/dsa-2652 HPSBGN03302 http://marc.info/?l=bugtraq&m=142798889927587&w=2 MDVSA-2013:056 SSRT101996 USN-1782-1 http://www.ubuntu.com/usn/USN-1782-1 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html https://bugzilla.redhat.com/show_bug.cgi?id=912400 https://git.gnome.org/browse/libxml2/commit/?id=23f05e0c33987d6605387b300c4be5da2120a7ab openSUSE-SU-2013:0552 http://lists.opensuse.org/opensuse-updates/2013-03/msg00112.html openSUSE-SU-2013:0555 http://lists.opensuse.org/opensuse-updates/2013-03/msg00114.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.