ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0338
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0338)
Resumen:	The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2020-0338 advisory.
Descripción:	Summary: The remote host is missing an update for the 'freerdp' package(s) announced via the MGASA-2020-0338 advisory. Vulnerability Insight: Integer overflow due to missing input sanitation in rdpegfx channel. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a memcpy) (CVE-2020-15103). The freerdp package has been updated to version 2.2.0, fixing this issue and other bugs. Affected Software/OS: 'freerdp' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-16135 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCIKQRKXAAB4HMWM62EPZJ4DVBHIIEG6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNW5GBC6JFN76VEWQXMLT5F7VCZ5AJ2E/ https://security.gentoo.org/glsa/202011-05 https://bugs.libssh.org/T232 https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238 https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120 https://www.oracle.com/security-alerts/cpuapr2022.html https://lists.debian.org/debian-lts-announce/2020/07/msg00034.html https://usn.ubuntu.com/4447-1/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.