 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.882911 |
| Categoría: | CentOS Local Security Checks |
| Título: | CentOS Update for plexus-archiver CESA-2018:1836 centos7 |
| Resumen: | Check the version of plexus-archiver |
| Descripción: | Summary: Check the version of plexus-archiver Vulnerability Insight: The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component provides functions to create and extract archives. Security Fix(es): * plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1002200) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Danny Grander (Snyk) for reporting this issue. Affected Software/OS: plexus-archiver on CentOS 7 Solution: Please install the updated packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-1002200 Debian Security Information: DSA-4227 (Google Search) https://www.debian.org/security/2018/dsa-4227 https://github.com/snyk/zip-slip-vulnerability https://snyk.io/research/zip-slip-vulnerability https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31680 RedHat Security Advisories: RHSA-2018:1836 https://access.redhat.com/errata/RHSA-2018:1836 RedHat Security Advisories: RHSA-2018:1837 https://access.redhat.com/errata/RHSA-2018:1837 |
| Copyright | Copyright (C) 2018 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |