 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2019.0047 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2019-0047) |
| Resumen: | The remote host is missing an update for the 'libxml2, perl-XML-LibXML' package(s) announced via the MGASA-2019-0047 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'libxml2, perl-XML-LibXML' package(s) announced via the MGASA-2019-0047 advisory. Vulnerability Insight: A flaw was found in libxml2 2.9.8. The xz_decomp function in xzlib.c, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (CVE-2018-9251, CVE-2018-14567). A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application (CVE-2018-14404). The libxml2 package has been updated to version 2.9.9 to fix these issues and other bugs. The perl-XML-LibXML package has been rebuilt against the updated libxml2. Affected Software/OS: 'libxml2, perl-XML-LibXML' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-14404 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 https://bugzilla.redhat.com/show_bug.cgi?id=1595985 https://gitlab.gnome.org/GNOME/libxml2/issues/10 https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html RedHat Security Advisories: RHSA-2019:1543 https://access.redhat.com/errata/RHSA-2019:1543 https://usn.ubuntu.com/3739-1/ https://usn.ubuntu.com/3739-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-14567 BugTraq ID: 105198 http://www.securityfocus.com/bid/105198 Common Vulnerability Exposure (CVE) ID: CVE-2018-9251 https://bugzilla.gnome.org/show_bug.cgi?id=794914 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |