Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0487)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0487

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0487)

Resumen: The remote host is missing an update for the 'clamav' package(s) announced via the MGASA-2014-0487 advisory.

Descripción: Summary:
The remote host is missing an update for the 'clamav' package(s) announced via the MGASA-2014-0487 advisory.

Vulnerability Insight:
Certain javascript files causes ClamAV to segfault when scanned with
the -a (list archived files) (CVE-2013-6497).

A heap buffer overflow was reported in ClamAV when scanning a specially
crafted y0da Crypter obfuscated PE file (CVE-2014-9050).

ClamAV has been updated to version 0.98.5 to address these and other issues.

Affected Software/OS:
'clamav' package(s) on Mageia 3, Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-6497
BugTraq ID: 70557
http://www.securityfocus.com/bid/70557
http://www.securitytracker.com/id/1031032
http://secunia.com/advisories/61593
Common Vulnerability Exposure (CVE) ID: CVE-2014-9050
BugTraq ID: 71242
http://www.securityfocus.com/bid/71242
http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html
http://www.openwall.com/lists/oss-security/2014/11/22/1
http://www.securitytracker.com/id/1031268
http://secunia.com/advisories/59645
http://secunia.com/advisories/62542
SuSE Security Announcement: SUSE-SU-2014:1571 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html
SuSE Security Announcement: SUSE-SU-2014:1574 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html
SuSE Security Announcement: openSUSE-SU-2014:1560 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html
http://www.ubuntu.com/usn/USN-2423-1

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0487
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0487)
Resumen:	The remote host is missing an update for the 'clamav' package(s) announced via the MGASA-2014-0487 advisory.
Descripción:	Summary: The remote host is missing an update for the 'clamav' package(s) announced via the MGASA-2014-0487 advisory. Vulnerability Insight: Certain javascript files causes ClamAV to segfault when scanned with the -a (list archived files) (CVE-2013-6497). A heap buffer overflow was reported in ClamAV when scanning a specially crafted y0da Crypter obfuscated PE file (CVE-2014-9050). ClamAV has been updated to version 0.98.5 to address these and other issues. Affected Software/OS: 'clamav' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6497 BugTraq ID: 70557 http://www.securityfocus.com/bid/70557 http://www.securitytracker.com/id/1031032 http://secunia.com/advisories/61593 Common Vulnerability Exposure (CVE) ID: CVE-2014-9050 BugTraq ID: 71242 http://www.securityfocus.com/bid/71242 http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html http://www.openwall.com/lists/oss-security/2014/11/22/1 http://www.securitytracker.com/id/1031268 http://secunia.com/advisories/59645 http://secunia.com/advisories/62542 SuSE Security Announcement: SUSE-SU-2014:1571 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1574 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html SuSE Security Announcement: openSUSE-SU-2014:1560 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html http://www.ubuntu.com/usn/USN-2423-1
Copyright	Copyright (C) 2022 Greenbone AG