ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0289
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0289)
Resumen:	The remote host is missing an update for the 'dpkg' package(s) announced via the MGASA-2014-0289 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dpkg' package(s) announced via the MGASA-2014-0289 advisory. Vulnerability Insight: Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package, leading to the creation of files outside the directory of the source being unpacked (CVE-2014-0471). Multiple vulnerabilities were discovered in dpkg that allow file modification through path traversal when unpacking source packages with especially-crafted patch files (CVE-2014-3864, CVE-2014-3865). Affected Software/OS: 'dpkg' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0471 BugTraq ID: 67106 http://www.securityfocus.com/bid/67106 Debian Security Information: DSA-2915 (Google Search) http://www.debian.org/security/2014/dsa-2915 http://www.ubuntu.com/usn/USN-2183-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3864 BugTraq ID: 67725 http://www.securityfocus.com/bid/67725 Debian Security Information: DSA-2953 (Google Search) http://www.debian.org/security/2014/dsa-2953 http://openwall.com/lists/oss-security/2014/05/25/2 http://www.ubuntu.com/usn/USN-2242-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3865 BugTraq ID: 67727 http://www.securityfocus.com/bid/67727
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.