ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0212
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0212)
Resumen:	The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2017-0212 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2017-0212 advisory. Vulnerability Insight: GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. (CVE-2017-7869) GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. (CVE-2017-7507) Affected Software/OS: 'gnutls' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7507 99102 http://www.securityfocus.com/bid/99102 DSA-3884 http://www.debian.org/security/2017/dsa-3884 RHSA-2017:2292 https://access.redhat.com/errata/RHSA-2017:2292 https://www.gnutls.org/security.html#GNUTLS-SA-2017-4 Common Vulnerability Exposure (CVE) ID: CVE-2017-7869 BugTraq ID: 97040 http://www.securityfocus.com/bid/97040 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420 https://gitlab.com/gnutls/gnutls/commit/51464af713d71802e3c6d5ac15f1a95132a354fe RedHat Security Advisories: RHSA-2017:2292
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.