ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0256
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0256)
Resumen:	The remote host is missing an update for the 'util-linux' package(s) announced via the MGASA-2016-0256 advisory.
Descripción:	Summary: The remote host is missing an update for the 'util-linux' package(s) announced via the MGASA-2016-0256 advisory. Vulnerability Insight: The util-linux libblkid is vulnerable to a Denial of Service attack during MS-DOS partition table parsing, in the extended partition boot record (EBR). If the next EBR starts at relative offset 0, parse_dos_extended() will loop until running out of memory. An attacker could install a specially crafted MS-DOS partition table in a storage device and trick a user into using it. This library is used, among others, by systemd-udevd daemon (CVE-2016-5011). Affected Software/OS: 'util-linux' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5011 1036272 http://www.securitytracker.com/id/1036272 91683 http://www.securityfocus.com/bid/91683 RHSA-2016:2605 http://rhn.redhat.com/errata/RHSA-2016-2605.html [oss-security] 20160711 CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS http://www.openwall.com/lists/oss-security/2016/07/11/2 http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543 http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801 https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.