ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0002
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0002)
Resumen:	The remote host is missing an update for the 'xml-security' package(s) announced via the MGASA-2014-0002 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xml-security' package(s) announced via the MGASA-2014-0002 advisory. Vulnerability Insight: James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures (CVE-2013-2172). Affected Software/OS: 'xml-security' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2172 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities http://seclists.org/fulldisclosure/2014/Dec/23 http://www.securityfocus.com/archive/1/534161/100/0/threaded 54019 http://secunia.com/advisories/54019 60846 http://www.securityfocus.com/bid/60846 94651 http://www.osvdb.org/94651 DSA-3065 http://www.debian.org/security/2014/dsa-3065 RHSA-2013:1207 http://rhn.redhat.com/errata/RHSA-2013-1207.html RHSA-2013:1208 http://rhn.redhat.com/errata/RHSA-2013-1208.html RHSA-2013:1209 http://rhn.redhat.com/errata/RHSA-2013-1209.html RHSA-2013:1217 http://rhn.redhat.com/errata/RHSA-2013-1217.html RHSA-2013:1218 http://rhn.redhat.com/errata/RHSA-2013-1218.html RHSA-2013:1219 http://rhn.redhat.com/errata/RHSA-2013-1219.html RHSA-2013:1220 http://rhn.redhat.com/errata/RHSA-2013-1220.html RHSA-2013:1375 http://rhn.redhat.com/errata/RHSA-2013-1375.html RHSA-2013:1437 http://rhn.redhat.com/errata/RHSA-2013-1437.html RHSA-2013:1853 http://rhn.redhat.com/errata/RHSA-2013-1853.html RHSA-2014:0212 http://rhn.redhat.com/errata/RHSA-2014-0212.html USN-2028-1 http://www.ubuntu.com/usn/USN-2028-1 [santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E [santuario-commits] 20210917 svn commit: r1076843 - in /websites/production/santuario/content: cache/main.pageCache index.html javaindex.html secadv.data/CVE-2021-40690.txt.asc secadv.html https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java?r1=1353876&r2=1493772&pathrev=1493772&diff_format=h http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.