ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0385
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0385)
Resumen:	The remote host is missing an update for the 'proftpd' package(s) announced via the MGASA-2019-0385 advisory.
Descripción:	Summary: The remote host is missing an update for the 'proftpd' package(s) announced via the MGASA-2019-0385 advisory. Vulnerability Insight: An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup (CVE-2019-19269). Affected Software/OS: 'proftpd' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-19269 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGBBCPLJSDPFG5EI5P5G7P4KEX7YSD5G/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QR65XUHPCRU3NXTSFVF2J4GWRIHC7AHW/ https://security.gentoo.org/glsa/202003-35 https://github.com/proftpd/proftpd/issues/861 https://www.oracle.com/security-alerts/cpuapr2020.html https://lists.debian.org/debian-lts-announce/2019/11/msg00039.html SuSE Security Announcement: openSUSE-SU-2020:0031 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.