ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0042
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0042)
Resumen:	The remote host is missing an update for the 'springframework' package(s) announced via the MGASA-2014-0042 advisory.
Descripción:	Summary: The remote host is missing an update for the 'springframework' package(s) announced via the MGASA-2014-0042 advisory. Vulnerability Insight: Updated springframework packages fix security vulnerability: Alvaro Munoz discovered a XML External Entity (XXE) injection in the Spring Framework which can be used for conducting CSRF and DoS attacks on other sites (CVE-2013-4152). Affected Software/OS: 'springframework' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4152 BugTraq ID: 61951 http://www.securityfocus.com/bid/61951 Bugtraq: 20130822 CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework (Google Search) http://seclists.org/bugtraq/2013/Aug/154 Debian Security Information: DSA-2842 (Google Search) http://www.debian.org/security/2014/dsa-2842 http://seclists.org/fulldisclosure/2013/Nov/14 RedHat Security Advisories: RHSA-2014:0212 http://rhn.redhat.com/errata/RHSA-2014-0212.html RedHat Security Advisories: RHSA-2014:0245 http://rhn.redhat.com/errata/RHSA-2014-0245.html RedHat Security Advisories: RHSA-2014:0254 http://rhn.redhat.com/errata/RHSA-2014-0254.html RedHat Security Advisories: RHSA-2014:0400 http://rhn.redhat.com/errata/RHSA-2014-0400.html http://secunia.com/advisories/56247 http://secunia.com/advisories/57915
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.