Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2015-0364)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.130026

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2015-0364)

Resumen: The remote host is missing an update for the 'libvdpau' package(s) announced via the MGASA-2015-0364 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libvdpau' package(s) announced via the MGASA-2015-0364 advisory.

Vulnerability Insight:
Updated libvdpau packages fix security vulnerabilities:

libvdpau versions 1.1 and earlier, when used in setuid or setgid applications,
contain vulnerabilities related to environment variable handling that could
allow an attacker to execute arbitrary code or overwrite arbitrary files
(CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200).

Affected Software/OS:
'libvdpau' package(s) on Mageia 4, Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-5198
76636
http://www.securityfocus.com/bid/76636
DSA-3355
http://www.debian.org/security/2015/dsa-3355
FEDORA-2015-14850
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165546.html
FEDORA-2015-14851
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167469.html
FEDORA-2015-3ca3f2138b
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170637.html
USN-2729-1
http://www.ubuntu.com/usn/USN-2729-1
[xorg-announce] 20150831 libvdpau 1.1.1
http://lists.x.org/archives/xorg-announce/2015-August/002630.html
https://bugzilla.redhat.com/show_bug.cgi?id=1253824
openSUSE-SU-2015:1537
http://lists.opensuse.org/opensuse-updates/2015-09/msg00012.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-5199
https://bugzilla.redhat.com/show_bug.cgi?id=1253826
Common Vulnerability Exposure (CVE) ID: CVE-2015-5200
https://bugzilla.redhat.com/show_bug.cgi?id=1253827

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.130026
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0364)
Resumen:	The remote host is missing an update for the 'libvdpau' package(s) announced via the MGASA-2015-0364 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvdpau' package(s) announced via the MGASA-2015-0364 advisory. Vulnerability Insight: Updated libvdpau packages fix security vulnerabilities: libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files (CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200). Affected Software/OS: 'libvdpau' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5198 76636 http://www.securityfocus.com/bid/76636 DSA-3355 http://www.debian.org/security/2015/dsa-3355 FEDORA-2015-14850 http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165546.html FEDORA-2015-14851 http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167469.html FEDORA-2015-3ca3f2138b http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170637.html USN-2729-1 http://www.ubuntu.com/usn/USN-2729-1 [xorg-announce] 20150831 libvdpau 1.1.1 http://lists.x.org/archives/xorg-announce/2015-August/002630.html https://bugzilla.redhat.com/show_bug.cgi?id=1253824 openSUSE-SU-2015:1537 http://lists.opensuse.org/opensuse-updates/2015-09/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5199 https://bugzilla.redhat.com/show_bug.cgi?id=1253826 Common Vulnerability Exposure (CVE) ID: CVE-2015-5200 https://bugzilla.redhat.com/show_bug.cgi?id=1253827
Copyright	Copyright (C) 2015 Greenbone AG