CentOS Local Security Checks : CentOS Update for xmlrpc-client CESA-2018:1780 centos7

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882909

Categoría: CentOS Local Security Checks

Título: CentOS Update for xmlrpc-client CESA-2018:1780 centos7

Resumen: Check the version of xmlrpc-client

Descripción: Summary:
Check the version of xmlrpc-client

Vulnerability Insight:
Apache XML-RPC is a Java implementation of
XML-RPC, a popular protocol that uses XML over HTTP to implement remote
procedure calls.

Security Fix(es):

* xmlrpc: Deserialization of untrusted Java object through
ex:serializable tag (CVE-2016-5003)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Affected Software/OS:
xmlrpc-client on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-5003
https://security.gentoo.org/glsa/202401-26
1036294
http://www.securitytracker.com/id/1036294
91736
http://www.securityfocus.com/bid/91736
91738
http://www.securityfocus.com/bid/91738
RHSA-2018:1779
https://access.redhat.com/errata/RHSA-2018:1779
RHSA-2018:1780
https://access.redhat.com/errata/RHSA-2018:1780
RHSA-2018:1784
https://access.redhat.com/errata/RHSA-2018:1784
RHSA-2018:2317
https://access.redhat.com/errata/RHSA-2018:2317
RHSA-2018:3768
https://access.redhat.com/errata/RHSA-2018:3768
[oss-security] 20160712 Vulnerabilities in Apache Archiva
http://www.openwall.com/lists/oss-security/2016/07/12/5
[oss-security] 20200116 [CVE-2019-17570] xmlrpc-common untrusted deserialization
http://www.openwall.com/lists/oss-security/2020/01/16/1
[oss-security] 20200124 RE: [CVE-2019-17570] xmlrpc-common untrusted deserialization
http://www.openwall.com/lists/oss-security/2020/01/24/2
apache-archiva-cve20165003-code-exec(115043)
https://exchange.xforce.ibmcloud.com/vulnerabilities/115043
https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html

Copyright Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882909
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for xmlrpc-client CESA-2018:1780 centos7
Resumen:	Check the version of xmlrpc-client
Descripción:	Summary: Check the version of xmlrpc-client Vulnerability Insight: Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Security Fix(es): * xmlrpc: Deserialization of untrusted Java object through ex:serializable tag (CVE-2016-5003) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: xmlrpc-client on CentOS 7 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5003 https://security.gentoo.org/glsa/202401-26 1036294 http://www.securitytracker.com/id/1036294 91736 http://www.securityfocus.com/bid/91736 91738 http://www.securityfocus.com/bid/91738 RHSA-2018:1779 https://access.redhat.com/errata/RHSA-2018:1779 RHSA-2018:1780 https://access.redhat.com/errata/RHSA-2018:1780 RHSA-2018:1784 https://access.redhat.com/errata/RHSA-2018:1784 RHSA-2018:2317 https://access.redhat.com/errata/RHSA-2018:2317 RHSA-2018:3768 https://access.redhat.com/errata/RHSA-2018:3768 [oss-security] 20160712 Vulnerabilities in Apache Archiva http://www.openwall.com/lists/oss-security/2016/07/12/5 [oss-security] 20200116 [CVE-2019-17570] xmlrpc-common untrusted deserialization http://www.openwall.com/lists/oss-security/2020/01/16/1 [oss-security] 20200124 RE: [CVE-2019-17570] xmlrpc-common untrusted deserialization http://www.openwall.com/lists/oss-security/2020/01/24/2 apache-archiva-cve20165003-code-exec(115043) https://exchange.xforce.ibmcloud.com/vulnerabilities/115043 https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html
Copyright	Copyright (C) 2018 Greenbone AG