ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2015.0190
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0190)
Resumen:	The remote host is missing an update for the 'clamav' package(s) announced via the MGASA-2015-0190 advisory.
Descripción:	Summary: The remote host is missing an update for the 'clamav' package(s) announced via the MGASA-2015-0190 advisory. Vulnerability Insight: This updates fixes the following security issues: Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221 Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222. Fix an infinite loop condition on a crafted 'xz' archive file. This was reported by Dimitri Kirchner and Goulven Guiheux.CVE-2015-2668 Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305 Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170 Affected Software/OS: 'clamav' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2170 BugTraq ID: 74443 http://www.securityfocus.com/bid/74443 https://security.gentoo.org/glsa/201512-08 SuSE Security Announcement: openSUSE-SU-2015:0906 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html http://ubuntu.com/usn/usn-2594-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2221 Common Vulnerability Exposure (CVE) ID: CVE-2015-2222 Common Vulnerability Exposure (CVE) ID: CVE-2015-2305 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 72611 http://www.securityfocus.com/bid/72611 CERT/CC vulnerability note: VU#695940 http://www.kb.cert.org/vuls/id/695940 Debian Security Information: DSA-3195 (Google Search) http://www.debian.org/security/2015/dsa-3195 HPdes Security Advisory: HPSBUX03337 http://marc.info/?l=bugtraq&m=143403519711434&w=2 HPdes Security Advisory: SSRT102066 https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/ http://openwall.com/lists/oss-security/2015/02/07/14 http://openwall.com/lists/oss-security/2015/03/11/8 RedHat Security Advisories: RHSA-2015:1053 http://rhn.redhat.com/errata/RHSA-2015-1053.html RedHat Security Advisories: RHSA-2015:1066 http://rhn.redhat.com/errata/RHSA-2015-1066.html http://www.securitytracker.com/id/1031947 SuSE Security Announcement: SUSE-SU-2015:0868 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html SuSE Security Announcement: SUSE-SU-2015:0946 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0644 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html http://www.ubuntu.com/usn/USN-2572-1 http://www.ubuntu.com/usn/USN-2594-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2668 BugTraq ID: 74472 http://www.securityfocus.com/bid/74472
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.