ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0235
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0235)
Resumen:	The remote host is missing an update for the 'iperf' package(s) announced via the MGASA-2016-0235 advisory.
Descripción:	Summary: The remote host is missing an update for the 'iperf' package(s) announced via the MGASA-2016-0235 advisory. Vulnerability Insight: A malicious process can connect to an iperf server and, by sending a malformed message on the control channel, corrupt the server process's heap area. This can lead to a crash (and a denial of service), or theoretically a remote code execution as the user running the iperf server. A malicious iperf server could potentially mount a similar attack on an iperf client (CVE-2016-4303). Affected Software/OS: 'iperf' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4303 http://blog.talosintel.com/2016/06/esnet-vulnerability.html http://www.talosintelligence.com/reports/TALOS-2016-0164/ https://lists.debian.org/debian-lts-announce/2020/01/msg00023.html SuSE Security Announcement: openSUSE-SU-2016:2113 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00082.html SuSE Security Announcement: openSUSE-SU-2016:2121 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00090.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.