ID de Prueba:	1.3.6.1.4.1.25623.1.0.871881
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for spice RHSA-2017:2471-01
Resumen:	The remote host is missing an update for the 'spice'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'spice' package(s) announced via the referenced advisory. Vulnerability Insight: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es): * A vulnerability was discovered in spice server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses, leading to parts of server memory being leaked or a crash. (CVE-2017-7506) This issue was discovered by Frediano Ziglio (Red Hat). Affected Software/OS: spice on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7506 99583 http://www.securityfocus.com/bid/99583 DSA-3907 http://www.debian.org/security/2017/dsa-3907 RHSA-2017:2471 https://access.redhat.com/errata/RHSA-2017:2471 RHSA-2018:3522 https://access.redhat.com/errata/RHSA-2018:3522 [oss-security] 20170714 CVE-2017-7506 spice: Possible buffer overflow via invalid monitor configurations http://www.openwall.com/lists/oss-security/2017/07/14/1 https://bugzilla.redhat.com/show_bug.cgi?id=1452606
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.