Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0012)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2019.0012

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2019-0012)

Resumen: The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory.

Descripción: Summary:
The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory.

Vulnerability Insight:
Eyal Itkin discovered FreeRDP incorrectly handled certain stream
encodings. A malicious server could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code (CVE-2018-8784, CVE-2018-8785).

Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious
server could use this issue to cause FreeRDP to crash, resulting in a
denial of service, or possibly execute arbitrary code (CVE-2018-8786,
CVE-2018-8787).

Eyal Itkin discovered FreeRDP incorrectly handled certain stream
encodings. A malicious server could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code (CVE-2018-8788).

Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A
malicious server could use this issue to cause FreeRDP to crash,
resulting in a denial of service, or possibly execute arbitrary code
(CVE-2018-8789).

Affected Software/OS:
'freerdp' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-8784
BugTraq ID: 106938
http://www.securityfocus.com/bid/106938
https://usn.ubuntu.com/3845-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8785
Common Vulnerability Exposure (CVE) ID: CVE-2018-8786
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/
https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html
RedHat Security Advisories: RHSA-2019:0697
https://access.redhat.com/errata/RHSA-2019:0697
https://usn.ubuntu.com/3845-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8787
Common Vulnerability Exposure (CVE) ID: CVE-2018-8788
Common Vulnerability Exposure (CVE) ID: CVE-2018-8789

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0012
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0012)
Resumen:	The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory.
Descripción:	Summary: The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2019-0012 advisory. Vulnerability Insight: Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8784, CVE-2018-8785). Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8786, CVE-2018-8787). Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8788). Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8789). Affected Software/OS: 'freerdp' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-8784 BugTraq ID: 106938 http://www.securityfocus.com/bid/106938 https://usn.ubuntu.com/3845-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8785 Common Vulnerability Exposure (CVE) ID: CVE-2018-8786 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/ https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html RedHat Security Advisories: RHSA-2019:0697 https://access.redhat.com/errata/RHSA-2019:0697 https://usn.ubuntu.com/3845-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8787 Common Vulnerability Exposure (CVE) ID: CVE-2018-8788 Common Vulnerability Exposure (CVE) ID: CVE-2018-8789
Copyright	Copyright (C) 2022 Greenbone AG