ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0390
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0390)
Resumen:	The remote host is missing an update for the 'geary' package(s) announced via the MGASA-2020-0390 advisory.
Descripción:	Summary: The remote host is missing an update for the 'geary' package(s) announced via the MGASA-2020-0390 advisory. Vulnerability Insight: GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail. (CVE-2020-24661) Affected Software/OS: 'geary' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-24661 Cisco Security Advisory: 20200902 Cisco Jabber for Windows Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSeg/message/NS6CSTOBVO5HSAR3X5CT6DS6QDHXDB26/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G7OTYTGND6EFOKNQJWCHKKXKSN7SM73Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS6CSTOBVO5HSAR3X5CT6DS6QDHXDB26/ https://gitlab.gnome.org/GNOME/geary/-/issues/866
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.