ID de Prueba:	1.3.6.1.4.1.25623.1.0.851707
Categoría:	SuSE Local Security Checks
Título:	openSUSE: Security Advisory for p7zip (openSUSE-SU-2018:0497-1)
Resumen:	The remote host is missing an update for the 'p7zip'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'p7zip' package(s) announced via the referenced advisory. Vulnerability Insight: This update for p7zip fixes the following security issues: - CVE-2016-1372: Fixed multiple vulnerabilities when processing crafted 7z files (bsc#984650) - CVE-2017-17969: Fixed a heap-based buffer overflow in a shrink decoder (bsc#1077725) - CVE-2018-5996: Fixed memory corruption in RAR decompression. The complete RAR decoder was removed as it also has license issues (bsc#1077724 bsc#1077978) This update was imported from the SUSE:SLE-12:Update update project. Affected Software/OS: p7zip on openSUSE Leap 42.3 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1372 BugTraq ID: 93221 http://www.securityfocus.com/bid/93221 https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/ http://www.ubuntu.com/usn/USN-3093-1 Common Vulnerability Exposure (CVE) ID: CVE-2018-5996 https://0patch.blogspot.si/2018/02/two-interesting-micropatches-for-7-zip.html https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/ http://www.securitytracker.com/id/1040831
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.