Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2018-0012)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2018.0012

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2018-0012)

Resumen: The remote host is missing an update for the 'gstreamer0.10-plugins-bad, gstreamer1.0-plugins-bad' package(s) announced via the MGASA-2018-0012 advisory.

Descripción: Summary:
The remote host is missing an update for the 'gstreamer0.10-plugins-bad, gstreamer1.0-plugins-bad' package(s) announced via the MGASA-2018-0012 advisory.

Vulnerability Insight:
Chris Evans discovered that the GStreamer plugin to decode VMware screen
capture files allowed the execution of arbitrary code (CVE-2016-9445,
CVE-2016-9446).

Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound
Format files allowed the execution of arbitrary code (CVE-2016-9447).

Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843,
CVE-2017-5848).

The gstreamer0.10-plugins-bad package was affected by CVE-2016-9445,
CVE-2016-9446, CVE-2016-9447, CVE-2016-9809, CVE-2017-5843, and
CVE-2017-5848).

The gstreamer1.0-plugins-bad package was affected by CVE-2016-9445,
CVE-2016-9446, CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843,
and CVE-2017-5848.

Affected Software/OS:
'gstreamer0.10-plugins-bad, gstreamer1.0-plugins-bad' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-9445
BugTraq ID: 94421
http://www.securityfocus.com/bid/94421
https://security.gentoo.org/glsa/201705-10
https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
http://www.openwall.com/lists/oss-security/2016/11/18/12
http://www.openwall.com/lists/oss-security/2016/11/18/13
RedHat Security Advisories: RHSA-2016:2974
http://rhn.redhat.com/errata/RHSA-2016-2974.html
RedHat Security Advisories: RHSA-2017:0018
http://rhn.redhat.com/errata/RHSA-2017-0018.html
RedHat Security Advisories: RHSA-2017:0021
http://rhn.redhat.com/errata/RHSA-2017-0021.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9446
BugTraq ID: 94423
http://www.securityfocus.com/bid/94423
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM7IXFGHV66KNWGWG6ZBDNKXD2UJL2VQ/
RedHat Security Advisories: RHSA-2017:2060
https://access.redhat.com/errata/RHSA-2017:2060
Common Vulnerability Exposure (CVE) ID: CVE-2016-9447
BugTraq ID: 94427
http://www.securityfocus.com/bid/94427
http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9809
BugTraq ID: 95147
http://www.securityfocus.com/bid/95147
Debian Security Information: DSA-3818 (Google Search)
http://www.debian.org/security/2017/dsa-3818
https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html
http://www.openwall.com/lists/oss-security/2016/12/01/2
http://www.openwall.com/lists/oss-security/2016/12/05/8
Common Vulnerability Exposure (CVE) ID: CVE-2016-9812
BugTraq ID: 95160
http://www.securityfocus.com/bid/95160
Common Vulnerability Exposure (CVE) ID: CVE-2016-9813
BugTraq ID: 95158
http://www.securityfocus.com/bid/95158
https://www.exploit-db.com/exploits/42162/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5843
BugTraq ID: 96001
http://www.securityfocus.com/bid/96001
http://www.openwall.com/lists/oss-security/2017/02/01/7
http://www.openwall.com/lists/oss-security/2017/02/02/9
Common Vulnerability Exposure (CVE) ID: CVE-2017-5848

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0012
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0012)
Resumen:	The remote host is missing an update for the 'gstreamer0.10-plugins-bad, gstreamer1.0-plugins-bad' package(s) announced via the MGASA-2018-0012 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gstreamer0.10-plugins-bad, gstreamer1.0-plugins-bad' package(s) announced via the MGASA-2018-0012 advisory. Vulnerability Insight: Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code (CVE-2016-9445, CVE-2016-9446). Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code (CVE-2016-9447). Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843, CVE-2017-5848). The gstreamer0.10-plugins-bad package was affected by CVE-2016-9445, CVE-2016-9446, CVE-2016-9447, CVE-2016-9809, CVE-2017-5843, and CVE-2017-5848). The gstreamer1.0-plugins-bad package was affected by CVE-2016-9445, CVE-2016-9446, CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843, and CVE-2017-5848. Affected Software/OS: 'gstreamer0.10-plugins-bad, gstreamer1.0-plugins-bad' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9445 BugTraq ID: 94421 http://www.securityfocus.com/bid/94421 https://security.gentoo.org/glsa/201705-10 https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html http://www.openwall.com/lists/oss-security/2016/11/18/12 http://www.openwall.com/lists/oss-security/2016/11/18/13 RedHat Security Advisories: RHSA-2016:2974 http://rhn.redhat.com/errata/RHSA-2016-2974.html RedHat Security Advisories: RHSA-2017:0018 http://rhn.redhat.com/errata/RHSA-2017-0018.html RedHat Security Advisories: RHSA-2017:0021 http://rhn.redhat.com/errata/RHSA-2017-0021.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9446 BugTraq ID: 94423 http://www.securityfocus.com/bid/94423 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM7IXFGHV66KNWGWG6ZBDNKXD2UJL2VQ/ RedHat Security Advisories: RHSA-2017:2060 https://access.redhat.com/errata/RHSA-2017:2060 Common Vulnerability Exposure (CVE) ID: CVE-2016-9447 BugTraq ID: 94427 http://www.securityfocus.com/bid/94427 http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9809 BugTraq ID: 95147 http://www.securityfocus.com/bid/95147 Debian Security Information: DSA-3818 (Google Search) http://www.debian.org/security/2017/dsa-3818 https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html http://www.openwall.com/lists/oss-security/2016/12/01/2 http://www.openwall.com/lists/oss-security/2016/12/05/8 Common Vulnerability Exposure (CVE) ID: CVE-2016-9812 BugTraq ID: 95160 http://www.securityfocus.com/bid/95160 Common Vulnerability Exposure (CVE) ID: CVE-2016-9813 BugTraq ID: 95158 http://www.securityfocus.com/bid/95158 https://www.exploit-db.com/exploits/42162/ Common Vulnerability Exposure (CVE) ID: CVE-2017-5843 BugTraq ID: 96001 http://www.securityfocus.com/bid/96001 http://www.openwall.com/lists/oss-security/2017/02/01/7 http://www.openwall.com/lists/oss-security/2017/02/02/9 Common Vulnerability Exposure (CVE) ID: CVE-2017-5848
Copyright	Copyright (C) 2022 Greenbone AG