ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0379
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0379)
Resumen:	The remote host is missing an update for the 'unixODBC' package(s) announced via the MGASA-2018-0379 advisory.
Descripción:	Summary: The remote host is missing an update for the 'unixODBC' package(s) announced via the MGASA-2018-0379 advisory. Vulnerability Insight: unixODBC before version 2.3.5 is vulnerable to a buffer overflow in the DriverManager/__info.c:unicode_to_ansi_copy() method. An attacker could exploit this to cause a denial of service or other unspecified impact (CVE-2018-7409). The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact (CVE-2018-7485). Affected Software/OS: 'unixODBC' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-7409 http://www.unixodbc.org/unixODBC-2.3.5.tar.gz https://sourceforge.net/projects/unixodbc/files/unixODBC/2.3.5/ChangeLog/download RedHat Security Advisories: RHSA-2019:2336 https://access.redhat.com/errata/RHSA-2019:2336 Common Vulnerability Exposure (CVE) ID: CVE-2018-7485 BugTraq ID: 103193 http://www.securityfocus.com/bid/103193 https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.