ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0339
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0339)
Resumen:	The remote host is missing an update for the 'libtomcrypt' package(s) announced via the MGASA-2018-0339 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtomcrypt' package(s) announced via the MGASA-2018-0339 advisory. Vulnerability Insight: libtomcrypt has been updated to secure it against two security vulnerabilities. A problem in the ASN.1 parser could cause a stack overflow and a resulting denial of service when parsing deeply recursive ASN.1 types (CVE-2018-0739). An attacker capable of triggering signatures and mounting a side channel attack against a victim can extract an ECDSA key in a practical amount of time (CVE-2018-12437). Affected Software/OS: 'libtomcrypt' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-0739 BugTraq ID: 103518 http://www.securityfocus.com/bid/103518 BugTraq ID: 105609 http://www.securityfocus.com/bid/105609 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ https://security.netapp.com/advisory/ntap-20180330-0002/ https://security.netapp.com/advisory/ntap-20180726-0002/ https://securityadvisories.paloaltonetworks.com/Home/Detail/133 https://www.openssl.org/news/secadv/20180327.txt https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.tenable.com/security/tns-2018-04 https://www.tenable.com/security/tns-2018-06 https://www.tenable.com/security/tns-2018-07 Debian Security Information: DSA-4157 (Google Search) https://www.debian.org/security/2018/dsa-4157 Debian Security Information: DSA-4158 (Google Search) https://www.debian.org/security/2018/dsa-4158 https://security.gentoo.org/glsa/201811-21 https://security.gentoo.org/glsa/202007-53 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html RedHat Security Advisories: RHSA-2018:3090 https://access.redhat.com/errata/RHSA-2018:3090 RedHat Security Advisories: RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0366 RedHat Security Advisories: RHSA-2019:0367 https://access.redhat.com/errata/RHSA-2019:0367 RedHat Security Advisories: RHSA-2019:1711 https://access.redhat.com/errata/RHSA-2019:1711 RedHat Security Advisories: RHSA-2019:1712 https://access.redhat.com/errata/RHSA-2019:1712 http://www.securitytracker.com/id/1040576 https://usn.ubuntu.com/3611-1/ https://usn.ubuntu.com/3611-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-12437 https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.