ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0206
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0206)
Resumen:	The remote host is missing an update for the 'glibc' package(s) announced via the MGASA-2016-0206 advisory.
Descripción:	Summary: The remote host is missing an update for the 'glibc' package(s) announced via the MGASA-2016-0206 advisory. Vulnerability Insight: Updated glibc packages fix security vulnerabilities: It was found that glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOB_ALTDIRFUNC is used, causing large stack-based buffer overflow with controlled length and content (CVE-2016-1234). A stack overflow vulnerability (unbounded allocation) in _nss_dns_getnetbyname_r function was found (CVE-2016-3075). stack (frame) overflow in getaddrinfo() when called with AF_INET, AF_INET6 (incomplete fix for CVE-2013-4458) (CVE-2016-3706). Affected Software/OS: 'glibc' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1234 BugTraq ID: 84204 http://www.securityfocus.com/bid/84204 http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html http://seclists.org/fulldisclosure/2021/Sep/0 https://security.gentoo.org/glsa/201702-11 http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E http://www.openwall.com/lists/oss-security/2016/03/07/16 SuSE Security Announcement: openSUSE-SU-2016:1527 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html SuSE Security Announcement: openSUSE-SU-2016:1779 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html Common Vulnerability Exposure (CVE) ID: CVE-2016-3075 BugTraq ID: 85732 http://www.securityfocus.com/bid/85732 RedHat Security Advisories: RHSA-2016:2573 http://rhn.redhat.com/errata/RHSA-2016-2573.html http://www.ubuntu.com/usn/USN-2985-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-3706 102073 http://www.securityfocus.com/bid/102073 88440 http://www.securityfocus.com/bid/88440 http://www-01.ibm.com/support/docview.wss?uid=swg21995039 https://source.android.com/security/bulletin/2017-12-01 https://sourceware.org/bugzilla/show_bug.cgi?id=20010 https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9 openSUSE-SU-2016:1527 openSUSE-SU-2016:1779
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.