ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2015.0009
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0009)
Resumen:	The remote host is missing an update for the 'libevent' package(s) announced via the MGASA-2015-0009 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libevent' package(s) announced via the MGASA-2015-0009 advisory. Vulnerability Insight: Updated libevent packages fix security vulnerability: Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t (CVE-2014-6272). Affected Software/OS: 'libevent' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6272 Debian Security Information: DSA-3119 (Google Search) http://www.debian.org/security/2015/dsa-3119 http://archives.seul.org/libevent/users/Jan-2015/msg00010.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.366317
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.