ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0328
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0328)
Resumen:	The remote host is missing an update for the 'c-icap-modules-extra, clamav, ecap-clamav' package(s) announced via the MGASA-2019-0328 advisory.
Descripción:	Summary: The remote host is missing an update for the 'c-icap-modules-extra, clamav, ecap-clamav' package(s) announced via the MGASA-2019-0328 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system. (CVE-2019-12625) BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. (CVE-2019-12900) Affected Software/OS: 'c-icap-modules-extra, clamav, ecap-clamav' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-12625 https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html SuSE Security Announcement: openSUSE-SU-2019:2595 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html SuSE Security Announcement: openSUSE-SU-2019:2597 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2019-12900 Bugtraq: 20190715 [slackware-security] bzip2 (SSA:2019-195-01) (Google Search) https://seclists.org/bugtraq/2019/Jul/22 Bugtraq: 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2 (Google Search) https://seclists.org/bugtraq/2019/Aug/4 https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS FreeBSD Security Advisory: FreeBSD-SA-19:18 https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc https://www.oracle.com/security-alerts/cpuoct2020.html https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E SuSE Security Announcement: openSUSE-SU-2019:1781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html SuSE Security Announcement: openSUSE-SU-2019:1918 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html https://usn.ubuntu.com/4038-1/ https://usn.ubuntu.com/4038-2/ https://usn.ubuntu.com/4146-1/ https://usn.ubuntu.com/4146-2/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.