Búsqueda de    
Vulnerabilidad   
    Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.120623
Categoría:Amazon Linux Local Security Checks
Título:Amazon Linux: Security Advisory (ALAS-2016-633)
Resumen:The remote host is missing an update for the 'libldb' package(s) announced via the ALAS-2016-633 advisory.
Descripción:Summary:
The remote host is missing an update for the 'libldb' package(s) announced via the ALAS-2016-633 advisory.

Vulnerability Insight:
A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb (for example the AD LDAP server in Samba), would cause that application to consume an excessive amount of memory and crash.

A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server.

Affected Software/OS:
'libldb' package(s) on Amazon Linux.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-3223
BugTraq ID: 79731
http://www.securityfocus.com/bid/79731
Debian Security Information: DSA-3433 (Google Search)
http://www.debian.org/security/2016/dsa-3433
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
https://security.gentoo.org/glsa/201612-47
http://www.securitytracker.com/id/1034493
SuSE Security Announcement: SUSE-SU-2015:2304 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html
SuSE Security Announcement: SUSE-SU-2015:2305 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html
SuSE Security Announcement: openSUSE-SU-2015:2354 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html
SuSE Security Announcement: openSUSE-SU-2015:2356 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
SuSE Security Announcement: openSUSE-SU-2016:1064 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
http://www.ubuntu.com/usn/USN-2855-1
http://www.ubuntu.com/usn/USN-2855-2
http://www.ubuntu.com/usn/USN-2856-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5330
BugTraq ID: 79734
http://www.securityfocus.com/bid/79734
SuSE Security Announcement: SUSE-SU-2016:0032 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2016:0164 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00017.html
SuSE Security Announcement: openSUSE-SU-2016:1106 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html
SuSE Security Announcement: openSUSE-SU-2016:1107 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html
CopyrightCopyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2025 E-Soft Inc. Todos los derechos reservados.