Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2016-0269)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2016.0269

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2016-0269)

Resumen: The remote host is missing an update for the 'libidn' package(s) announced via the MGASA-2016-0269 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libidn' package(s) announced via the MGASA-2016-0269 advisory.

Vulnerability Insight:
Out-of-bounds stack read in libidn before 1.33 in idna_to_ascii_4i
(CVE-2016-6261).

Out-of-bounds-read in libidn when reading one zero byte as input
(CVE-2015-8948, CVE-2016-6262).

In libidn before 1.33, stringprep_utf8_nfkc_normalize would crash when
presented with invalid UTF-8 (CVE-2016-6263).

Affected Software/OS:
'libidn' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-8948
BugTraq ID: 92070
http://www.securityfocus.com/bid/92070
Debian Security Information: DSA-3658 (Google Search)
http://www.debian.org/security/2016/dsa-3658
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
http://www.openwall.com/lists/oss-security/2016/07/20/6
http://www.openwall.com/lists/oss-security/2016/07/21/4
SuSE Security Announcement: openSUSE-SU-2016:1924 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-08/msg00005.html
SuSE Security Announcement: openSUSE-SU-2016:2135 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-08/msg00098.html
http://www.ubuntu.com/usn/USN-3068-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-6261
https://lists.gnu.org/archive/html/help-libidn/2015-07/msg00016.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6262
Common Vulnerability Exposure (CVE) ID: CVE-2016-6263
https://security.gentoo.org/glsa/201908-06

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0269
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0269)
Resumen:	The remote host is missing an update for the 'libidn' package(s) announced via the MGASA-2016-0269 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libidn' package(s) announced via the MGASA-2016-0269 advisory. Vulnerability Insight: Out-of-bounds stack read in libidn before 1.33 in idna_to_ascii_4i (CVE-2016-6261). Out-of-bounds-read in libidn when reading one zero byte as input (CVE-2015-8948, CVE-2016-6262). In libidn before 1.33, stringprep_utf8_nfkc_normalize would crash when presented with invalid UTF-8 (CVE-2016-6263). Affected Software/OS: 'libidn' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8948 BugTraq ID: 92070 http://www.securityfocus.com/bid/92070 Debian Security Information: DSA-3658 (Google Search) http://www.debian.org/security/2016/dsa-3658 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html http://www.openwall.com/lists/oss-security/2016/07/20/6 http://www.openwall.com/lists/oss-security/2016/07/21/4 SuSE Security Announcement: openSUSE-SU-2016:1924 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00005.html SuSE Security Announcement: openSUSE-SU-2016:2135 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00098.html http://www.ubuntu.com/usn/USN-3068-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-6261 https://lists.gnu.org/archive/html/help-libidn/2015-07/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6262 Common Vulnerability Exposure (CVE) ID: CVE-2016-6263 https://security.gentoo.org/glsa/201908-06
Copyright	Copyright (C) 2022 Greenbone AG