English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.883114
Categoría:CentOS Local Security Checks
Título:CentOS Update for qemu-guest-agent CESA-2019:2892 centos6
Resumen:The remote host is missing an update for the 'qemu-guest-agent'; package(s) announced via the CESA-2019:2892 advisory.
Descripción:Summary:
The remote host is missing an update for the 'qemu-guest-agent'
package(s) announced via the CESA-2019:2892 advisory.

Vulnerability Insight:
Kernel-based Virtual Machine (KVM) is a full virtualization solution for
Linux on a variety of architectures. The qemu-kvm packages provide the
user-space component for running virtual machines that use KVM.

Security Fix(es):

* QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams
(CVE-2018-11806)

* QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778)

* QEMU: ne2000: integer overflow leads to buffer overflow issue
(CVE-2018-10839)

* QEMU: pcnet: integer overflow leads to buffer overflow (CVE-2018-17962)

* QEMU: qxl: null pointer dereference while releasing spice resources
(CVE-2019-12155)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'qemu-guest-agent' package(s) on CentOS 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-10839
DSA-4338
https://www.debian.org/security/2018/dsa-4338
RHSA-2019:2892
https://access.redhat.com/errata/RHSA-2019:2892
USN-3826-1
https://usn.ubuntu.com/3826-1/
[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
[oss-security] 20181008 Qemu: integer overflow issues
https://www.openwall.com/lists/oss-security/2018/10/08/1
[qemu-devel] 20180926 [PULL 21/25] ne2000: fix possible out of bound access in ne2000_receive
https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10839
Common Vulnerability Exposure (CVE) ID: CVE-2018-11806
BugTraq ID: 104400
http://www.securityfocus.com/bid/104400
Bugtraq: 20190531 [SECURITY] [DSA 4454-1] qemu security update (Google Search)
https://seclists.org/bugtraq/2019/May/76
Debian Security Information: DSA-4454 (Google Search)
https://www.debian.org/security/2019/dsa-4454
https://www.zerodayinitiative.com/advisories/ZDI-18-567/
https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html
http://www.openwall.com/lists/oss-security/2018/06/07/1
https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html
RedHat Security Advisories: RHSA-2018:2462
https://access.redhat.com/errata/RHSA-2018:2462
RedHat Security Advisories: RHSA-2018:2762
https://access.redhat.com/errata/RHSA-2018:2762
RedHat Security Advisories: RHSA-2018:2822
https://access.redhat.com/errata/RHSA-2018:2822
RedHat Security Advisories: RHSA-2018:2887
https://access.redhat.com/errata/RHSA-2018:2887
RedHat Security Advisories: RHSA-2019:2892
Common Vulnerability Exposure (CVE) ID: CVE-2018-17962
Debian Security Information: DSA-4338 (Google Search)
http://www.openwall.com/lists/oss-security/2018/10/08/1
https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-6778
BugTraq ID: 106758
http://www.securityfocus.com/bid/106758
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/
[Qemu-devel][PULL 65/65] 20190114 slirp: check data length while emulating ident
https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
[oss-security] 20190124 CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_emu()
http://www.openwall.com/lists/oss-security/2019/01/24/5
RedHat Security Advisories: RHSA-2019:1883
https://access.redhat.com/errata/RHSA-2019:1883
RedHat Security Advisories: RHSA-2019:1968
https://access.redhat.com/errata/RHSA-2019:1968
RedHat Security Advisories: RHSA-2019:2425
https://access.redhat.com/errata/RHSA-2019:2425
SuSE Security Announcement: SUSE-SA-2019:0254-1 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html
SuSE Security Announcement: openSUSE-SU-2019:1074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html
SuSE Security Announcement: openSUSE-SU-2019:1226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html
SuSE Security Announcement: openSUSE-SU-2019:2044 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html
SuSE Security Announcement: openSUSE-SU-2020:0468 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
https://usn.ubuntu.com/3923-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-12155
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVDHJB2QKXNDU7OFXIHIL5O5VN5QCSZL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOE3PVFPMWMXV3DGP2R3XIHAF2ZQU3FS/
https://git.qemu.org/?p=qemu.git;a=commit;h=3be7eb2f47bf71db5f80fcf8750ea395dd5ffdd2
https://lists.gnu.org/archive/html/qemu-devel/2019-05/msg01321.html
https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html
RedHat Security Advisories: RHBA-2019:3723
https://access.redhat.com/errata/RHBA-2019:3723
RedHat Security Advisories: RHSA-2019:2607
https://access.redhat.com/errata/RHSA-2019:2607
RedHat Security Advisories: RHSA-2019:3179
https://access.redhat.com/errata/RHSA-2019:3179
RedHat Security Advisories: RHSA-2019:3345
https://access.redhat.com/errata/RHSA-2019:3345
RedHat Security Advisories: RHSA-2019:3742
https://access.redhat.com/errata/RHSA-2019:3742
RedHat Security Advisories: RHSA-2019:3787
https://access.redhat.com/errata/RHSA-2019:3787
RedHat Security Advisories: RHSA-2019:4344
https://access.redhat.com/errata/RHSA-2019:4344
SuSE Security Announcement: openSUSE-SU-2019:2041 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00000.html
SuSE Security Announcement: openSUSE-SU-2019:2059 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00008.html
https://usn.ubuntu.com/4191-1/
https://usn.ubuntu.com/4191-2/
CopyrightCopyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.