ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0350
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0350)
Resumen:	The remote host is missing an update for the 'ansible' package(s) announced via the MGASA-2014-0350 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ansible' package(s) announced via the MGASA-2014-0350 advisory. Vulnerability Insight: Updated ansible package fixes security vulnerabilities: The Ansible platform before version 1.6.7 suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control certain playbook variables (CVE-2014-4678, CVE-2014-4966, CVE-2014-4967). The ansible package has been updated to version 1.6.8, which fixes these issues and several other bugs. Affected Software/OS: 'ansible' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-4678 https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916 https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ https://security-tracker.debian.org/tracker/CVE-2014-4678 https://www.openwall.com/lists/oss-security/2014/06/26/30 https://www.openwall.com/lists/oss-security/2014/07/02/2 https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5 https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678 Common Vulnerability Exposure (CVE) ID: CVE-2014-4966 http://www.ocert.org/advisories/ocert-2014-004.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4967
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.