ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0257
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0257)
Resumen:	The remote host is missing an update for the 'kmod-vboxadditions, kmod-virtualbox, virtualbox' package(s) announced via the MGASA-2018-0257 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kmod-vboxadditions, kmod-virtualbox, virtualbox' package(s) announced via the MGASA-2018-0257 advisory. Vulnerability Insight: This update provides virtualbox 5.2.12 and fixes the following security issues: Unauthorized remote attacker may have caused a hang or frequently repeatable crash (complete DOS) (CVE-2018-0739). Attacker with host login may have compromised Virtualbox or further system services after interaction with a third user (CVE-2018-2830). Attacker with host login may have compromised VirtualBox or further system services, allowing read access to some data (CVE-2018-2831). Attacker with host login may have gained control over VirtualBox and possibly further system services after interacting with a third user (CVE-2018-2835, CVE-2018-2836, CVE-2018-2837, CVE-2018-2842, CVE-2018-2843, CVE-2018-2844). Attacker with host login may have caused a hang or frequently repeatable crash (complete DOS), and perform unauthorized read and write operation to some VirtualBox accessible data (CVE-2018-2845). Privileged attacker may have gained control over VirtualBox and possibly further system services (CVE-2018-2860). For other fixes in this update, see the referenced changelog Affected Software/OS: 'kmod-vboxadditions, kmod-virtualbox, virtualbox' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-0739 BugTraq ID: 103518 http://www.securityfocus.com/bid/103518 BugTraq ID: 105609 http://www.securityfocus.com/bid/105609 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ https://security.netapp.com/advisory/ntap-20180330-0002/ https://security.netapp.com/advisory/ntap-20180726-0002/ https://securityadvisories.paloaltonetworks.com/Home/Detail/133 https://www.openssl.org/news/secadv/20180327.txt https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.tenable.com/security/tns-2018-04 https://www.tenable.com/security/tns-2018-06 https://www.tenable.com/security/tns-2018-07 Debian Security Information: DSA-4157 (Google Search) https://www.debian.org/security/2018/dsa-4157 Debian Security Information: DSA-4158 (Google Search) https://www.debian.org/security/2018/dsa-4158 https://security.gentoo.org/glsa/201811-21 https://security.gentoo.org/glsa/202007-53 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html RedHat Security Advisories: RHSA-2018:3090 https://access.redhat.com/errata/RHSA-2018:3090 RedHat Security Advisories: RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0366 RedHat Security Advisories: RHSA-2019:0367 https://access.redhat.com/errata/RHSA-2019:0367 RedHat Security Advisories: RHSA-2019:1711 https://access.redhat.com/errata/RHSA-2019:1711 RedHat Security Advisories: RHSA-2019:1712 https://access.redhat.com/errata/RHSA-2019:1712 http://www.securitytracker.com/id/1040576 https://usn.ubuntu.com/3611-1/ https://usn.ubuntu.com/3611-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-2830 BugTraq ID: 103856 http://www.securityfocus.com/bid/103856 https://security.gentoo.org/glsa/201805-08 http://www.securitytracker.com/id/1040707 Common Vulnerability Exposure (CVE) ID: CVE-2018-2831 BugTraq ID: 103863 http://www.securityfocus.com/bid/103863 Common Vulnerability Exposure (CVE) ID: CVE-2018-2835 BugTraq ID: 103857 http://www.securityfocus.com/bid/103857 Common Vulnerability Exposure (CVE) ID: CVE-2018-2836 BugTraq ID: 103858 http://www.securityfocus.com/bid/103858 Common Vulnerability Exposure (CVE) ID: CVE-2018-2837 BugTraq ID: 103859 http://www.securityfocus.com/bid/103859 Common Vulnerability Exposure (CVE) ID: CVE-2018-2842 BugTraq ID: 103853 http://www.securityfocus.com/bid/103853 Common Vulnerability Exposure (CVE) ID: CVE-2018-2843 BugTraq ID: 103854 http://www.securityfocus.com/bid/103854 Common Vulnerability Exposure (CVE) ID: CVE-2018-2844 BugTraq ID: 103855 http://www.securityfocus.com/bid/103855 https://www.voidsecurity.in/2018/08/from-compiler-optimization-to-code.html Common Vulnerability Exposure (CVE) ID: CVE-2018-2845 BugTraq ID: 103861 http://www.securityfocus.com/bid/103861 Common Vulnerability Exposure (CVE) ID: CVE-2018-2860 BugTraq ID: 103860 http://www.securityfocus.com/bid/103860
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.