ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0368
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0368)
Resumen:	The remote host is missing an update for the 'sleuthkit' package(s) announced via the MGASA-2018-0368 advisory.
Descripción:	Summary: The remote host is missing an update for the 'sleuthkit' package(s) announced via the MGASA-2018-0368 advisory. Vulnerability Insight: Updated sleuthkit packages fix security vulnerabilities: In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls (CVE-2017-13755). In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls (CVE-2017-13756). In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a (CVE-2017-13760). An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service (CVE-2018-11737). An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack (CVE-2018-11738). An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack (CVE-2018-11739). An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack (CVE-2018-11740). Affected Software/OS: 'sleuthkit' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-13755 https://github.com/sleuthkit/sleuthkit/issues/913 https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html Common Vulnerability Exposure (CVE) ID: CVE-2017-13756 https://github.com/sleuthkit/sleuthkit/issues/914 Common Vulnerability Exposure (CVE) ID: CVE-2017-13760 https://github.com/sleuthkit/sleuthkit/issues/906 Common Vulnerability Exposure (CVE) ID: CVE-2018-11737 https://github.com/sleuthkit/sleuthkit/issues/1266 Common Vulnerability Exposure (CVE) ID: CVE-2018-11738 https://github.com/sleuthkit/sleuthkit/issues/1265 Common Vulnerability Exposure (CVE) ID: CVE-2018-11739 https://github.com/sleuthkit/sleuthkit/issues/1267 Common Vulnerability Exposure (CVE) ID: CVE-2018-11740 https://github.com/sleuthkit/sleuthkit/issues/1264
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.