ID de Prueba:	1.3.6.1.4.1.25623.1.0.883109
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for kde-settings-19 CESA-2019:2606 centos7
Resumen:	The remote host is missing an update for the 'kde-settings-19'; package(s) announced via the CESA-2019:2606 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kde-settings-19' package(s) announced via the CESA-2019:2606 advisory. Vulnerability Insight: The K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Security Fix(es): * kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction (CVE-2019-14744) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kde.csh profile file contains bourne-shell code (BZ#1740042) Affected Software/OS: 'kde-settings-19' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14744 Bugtraq: 20190808 [slackware-security] kdelibs (SSA:2019-220-01) (Google Search) https://seclists.org/bugtraq/2019/Aug/9 Bugtraq: 20190812 [SECURITY] [DSA 4494-1] kconfig security update (Google Search) https://seclists.org/bugtraq/2019/Aug/12 Debian Security Information: DSA-4494 (Google Search) https://www.debian.org/security/2019/dsa-4494 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YIDXQ6CUB5E7Y3MJWCUY4VR42QAE6SCJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTFBQRJAU7ITD3TOMPZAUQMYYCAZ6DTX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UYKLUSSEK3YJOVQDL6K2LKGS3354UH6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNHO6FZRYBQ2R3UCFDGS66F6DNNTKCMM/ https://security.gentoo.org/glsa/201908-07 http://packetstormsecurity.com/files/153981/Slackware-Security-Advisory-kdelibs-Updates.html https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/ https://lists.debian.org/debian-lts-announce/2019/08/msg00023.html RedHat Security Advisories: RHSA-2019:2606 https://access.redhat.com/errata/RHSA-2019:2606 SuSE Security Announcement: openSUSE-SU-2019:1851 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00013.html SuSE Security Announcement: openSUSE-SU-2019:1855 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00016.html SuSE Security Announcement: openSUSE-SU-2019:1898 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00034.html https://usn.ubuntu.com/4100-1/
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.