Debian Local Security Checks : Debian Security Advisory DSA 4339-1 (ceph

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.704339

Categoría: Debian Local Security Checks

Título: Debian Security Advisory DSA 4339-1 (ceph - security update)

Resumen: Multiple vulnerabilities were discovered in Ceph, a distributed storage;and file system: The cephx authentication protocol was suspectible to;replay attacks and calculated signatures incorrectly, ceph mon;did not;validate capabilities for pool operations (resulting in potential;corruption or deletion of snapshot images) and a format string;vulnerability in libradosstriper could result in denial of service.

Descripción: Summary:
Multiple vulnerabilities were discovered in Ceph, a distributed storage
and file system: The cephx authentication protocol was suspectible to
replay attacks and calculated signatures incorrectly, ceph mon
did not
validate capabilities for pool operations (resulting in potential
corruption or deletion of snapshot images) and a format string
vulnerability in libradosstriper could result in denial of service.

Affected Software/OS:
ceph on Debian Linux

Solution:
For the stable distribution (stretch), these problems have been fixed in
version 10.2.11-1.

We recommend that you upgrade your ceph packages.

CVSS Score:
5.5

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-7519
BugTraq ID: 99075
http://www.securityfocus.com/bid/99075
Debian Security Information: DSA-4339 (Google Search)
https://www.debian.org/security/2018/dsa-4339
Common Vulnerability Exposure (CVE) ID: CVE-2018-1128
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
http://www.openwall.com/lists/oss-security/2020/11/17/3
http://www.openwall.com/lists/oss-security/2020/11/17/4
RedHat Security Advisories: RHSA-2018:2177
https://access.redhat.com/errata/RHSA-2018:2177
RedHat Security Advisories: RHSA-2018:2179
https://access.redhat.com/errata/RHSA-2018:2179
RedHat Security Advisories: RHSA-2018:2261
https://access.redhat.com/errata/RHSA-2018:2261
RedHat Security Advisories: RHSA-2018:2274
https://access.redhat.com/errata/RHSA-2018:2274
SuSE Security Announcement: openSUSE-SU-2019:1284 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-1129
http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

Copyright Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.704339
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 4339-1 (ceph - security update)
Resumen:	Multiple vulnerabilities were discovered in Ceph, a distributed storage;and file system: The cephx authentication protocol was suspectible to;replay attacks and calculated signatures incorrectly, ceph mon;did not;validate capabilities for pool operations (resulting in potential;corruption or deletion of snapshot images) and a format string;vulnerability in libradosstriper could result in denial of service.
Descripción:	Summary: Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system: The cephx authentication protocol was suspectible to replay attacks and calculated signatures incorrectly, ceph mon did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service. Affected Software/OS: ceph on Debian Linux Solution: For the stable distribution (stretch), these problems have been fixed in version 10.2.11-1. We recommend that you upgrade your ceph packages. CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7519 BugTraq ID: 99075 http://www.securityfocus.com/bid/99075 Debian Security Information: DSA-4339 (Google Search) https://www.debian.org/security/2018/dsa-4339 Common Vulnerability Exposure (CVE) ID: CVE-2018-1128 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html http://www.openwall.com/lists/oss-security/2020/11/17/3 http://www.openwall.com/lists/oss-security/2020/11/17/4 RedHat Security Advisories: RHSA-2018:2177 https://access.redhat.com/errata/RHSA-2018:2177 RedHat Security Advisories: RHSA-2018:2179 https://access.redhat.com/errata/RHSA-2018:2179 RedHat Security Advisories: RHSA-2018:2261 https://access.redhat.com/errata/RHSA-2018:2261 RedHat Security Advisories: RHSA-2018:2274 https://access.redhat.com/errata/RHSA-2018:2274 SuSE Security Announcement: openSUSE-SU-2019:1284 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html Common Vulnerability Exposure (CVE) ID: CVE-2018-1129 http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
Copyright	Copyright (C) 2018 Greenbone Networks GmbH