 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.130084 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2015-0294) |
| Resumen: | The remote host is missing an update for the 'springframework' package(s) announced via the MGASA-2015-0294 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'springframework' package(s) announced via the MGASA-2015-0294 advisory. Vulnerability Insight: In Spring Framework before 3.2.14, if DTD is not entirely disabled, inline DTD declarations can be used to perform denial of service attacks known as XML bombs. Such declarations are both well-formed and valid according to XML schema rules but when parsed can cause out of memory errors. To protect against this kind of attack DTD support must be disabled by setting the disallow-doctype-dec feature in the DOM and SAX APIs to true and by setting the supportDTD property in the StAX API to false (CVE-2015-3192). This package is no longer supported for Mageia 4. Users of this package are advised to upgrade to Mageia 5 Affected Software/OS: 'springframework' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-3192 BugTraq ID: 90853 http://www.securityfocus.com/bid/90853 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162017.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162015.html https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html RedHat Security Advisories: RHSA-2016:1218 https://access.redhat.com/errata/RHSA-2016:1218 RedHat Security Advisories: RHSA-2016:1219 https://access.redhat.com/errata/RHSA-2016:1219 RedHat Security Advisories: RHSA-2016:1592 http://rhn.redhat.com/errata/RHSA-2016-1592.html RedHat Security Advisories: RHSA-2016:1593 http://rhn.redhat.com/errata/RHSA-2016-1593.html RedHat Security Advisories: RHSA-2016:2035 http://rhn.redhat.com/errata/RHSA-2016-2035.html RedHat Security Advisories: RHSA-2016:2036 http://rhn.redhat.com/errata/RHSA-2016-2036.html http://www.securitytracker.com/id/1036587 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |