ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2015.0107
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0107)
Resumen:	The remote host is missing an update for the 'libssh2' package(s) announced via the MGASA-2015-0107 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libssh2' package(s) announced via the MGASA-2015-0107 advisory. Vulnerability Insight: Updated libssh2 packages fix security vulnerability: Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSH_MSG_KEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the libssh2 library to crash (denial of service) or otherwise read and use unintended memory areas in this process (CVE-2015-1782). Affected Software/OS: 'libssh2' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1782 73061 http://www.securityfocus.com/bid/73061 DSA-3182 http://www.debian.org/security/2015/dsa-3182 FEDORA-2015-3757 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.html FEDORA-2015-3791 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.html FEDORA-2015-3797 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.html MDVSA-2015:148 http://www.mandriva.com/security/advisories?name=MDVSA-2015:148 http://www.libssh2.org/adv_20150311.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.