ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2015.0004
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0004)
Resumen:	The remote host is missing an update for the 'python-yaml' package(s) announced via the MGASA-2015-0004 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-yaml' package(s) announced via the MGASA-2015-0004 advisory. Vulnerability Insight: Updated python-yaml packages fix security vulnerability: Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash. This issue is similar to CVE-2014-9130, but the assertion was independently implemented in Python-YAML. Affected Software/OS: 'python-yaml' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9130 BugTraq ID: 71349 http://www.securityfocus.com/bid/71349 Debian Security Information: DSA-3102 (Google Search) http://www.debian.org/security/2014/dsa-3102 Debian Security Information: DSA-3103 (Google Search) http://www.debian.org/security/2014/dsa-3103 Debian Security Information: DSA-3115 (Google Search) http://www.debian.org/security/2014/dsa-3115 http://www.mandriva.com/security/advisories?name=MDVSA-2014:242 http://www.mandriva.com/security/advisories?name=MDVSA-2015:060 https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure http://www.openwall.com/lists/oss-security/2014/11/28/8 http://www.openwall.com/lists/oss-security/2014/11/28/1 http://www.openwall.com/lists/oss-security/2014/11/29/3 RedHat Security Advisories: RHSA-2015:0100 http://rhn.redhat.com/errata/RHSA-2015-0100.html RedHat Security Advisories: RHSA-2015:0112 http://rhn.redhat.com/errata/RHSA-2015-0112.html RedHat Security Advisories: RHSA-2015:0260 http://rhn.redhat.com/errata/RHSA-2015-0260.html http://secunia.com/advisories/59947 http://secunia.com/advisories/60944 http://secunia.com/advisories/62164 http://secunia.com/advisories/62174 http://secunia.com/advisories/62176 http://secunia.com/advisories/62705 http://secunia.com/advisories/62723 http://secunia.com/advisories/62774 SuSE Security Announcement: openSUSE-SU-2015:0319 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html SuSE Security Announcement: openSUSE-SU-2016:1067 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html http://www.ubuntu.com/usn/USN-2461-1 http://www.ubuntu.com/usn/USN-2461-2 http://www.ubuntu.com/usn/USN-2461-3 XForce ISS Database: libyaml-cve20149130-dos(99047) https://exchange.xforce.ibmcloud.com/vulnerabilities/99047
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.