ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0458
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0458)
Resumen:	The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2014-0458 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2014-0458 advisory. Vulnerability Insight: An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application compiled against GnuTLS (for example, certtool), could cause that application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2014-8564). Affected Software/OS: 'gnutls' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8564 RedHat Security Advisories: RHSA-2014:1846 http://rhn.redhat.com/errata/RHSA-2014-1846.html http://secunia.com/advisories/59991 http://secunia.com/advisories/62284 http://secunia.com/advisories/62294 SuSE Security Announcement: openSUSE-SU-2014:1472 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html http://www.ubuntu.com/usn/USN-2403-1
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.