Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2017-0311)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2017.0311

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2017-0311)

Resumen: The remote host is missing an update for the 'groovy, groovy18' package(s) announced via the MGASA-2017-0311 advisory.

Descripción: Summary:
The remote host is missing an update for the 'groovy, groovy18' package(s) announced via the MGASA-2017-0311 advisory.

Vulnerability Insight:
It was found that a flaw in Apache groovy library allows remote code
execution wherever deserialization occurs in the application. It is
possible for an attacker to craft a special serialized object that will
execute code directly when deserialized. All applications which rely on
serialization and do not isolate the code which deserializes objects are
subject to this vulnerability (CVE-2016-6814).

Affected Software/OS:
'groovy, groovy18' package(s) on Mageia 5, Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-6814
BugTraq ID: 95429
http://www.securityfocus.com/bid/95429
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://security.gentoo.org/glsa/202003-01
http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
RedHat Security Advisories: RHSA-2017:0272
http://rhn.redhat.com/errata/RHSA-2017-0272.html
RedHat Security Advisories: RHSA-2017:0868
https://access.redhat.com/errata/RHSA-2017:0868
RedHat Security Advisories: RHSA-2017:2486
https://access.redhat.com/errata/RHSA-2017:2486
RedHat Security Advisories: RHSA-2017:2596
https://access.redhat.com/errata/RHSA-2017:2596
http://www.securitytracker.com/id/1039600

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0311
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0311)
Resumen:	The remote host is missing an update for the 'groovy, groovy18' package(s) announced via the MGASA-2017-0311 advisory.
Descripción:	Summary: The remote host is missing an update for the 'groovy, groovy18' package(s) announced via the MGASA-2017-0311 advisory. Vulnerability Insight: It was found that a flaw in Apache groovy library allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability (CVE-2016-6814). Affected Software/OS: 'groovy, groovy18' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6814 BugTraq ID: 95429 http://www.securityfocus.com/bid/95429 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://security.gentoo.org/glsa/202003-01 http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html RedHat Security Advisories: RHSA-2017:0272 http://rhn.redhat.com/errata/RHSA-2017-0272.html RedHat Security Advisories: RHSA-2017:0868 https://access.redhat.com/errata/RHSA-2017:0868 RedHat Security Advisories: RHSA-2017:2486 https://access.redhat.com/errata/RHSA-2017:2486 RedHat Security Advisories: RHSA-2017:2596 https://access.redhat.com/errata/RHSA-2017:2596 http://www.securitytracker.com/id/1039600
Copyright	Copyright (C) 2022 Greenbone AG