Búsqueda de    
Vulnerabilidad   
    Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.10.2020.0399
Categoría:Mageia Linux Local Security Checks
Título:Mageia: Security Advisory (MGASA-2020-0399)
Resumen:The remote host is missing an update for the 'libproxy' package(s) announced via the MGASA-2020-0399 advisory.
Descripción:Summary:
The remote host is missing an update for the 'libproxy' package(s) announced via the MGASA-2020-0399 advisory.

Vulnerability Insight:
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is
enabled, as demonstrated by a large PAC file that is delivered without a
Content-length header. (CVE-2020-26154)

Affected Software/OS:
'libproxy' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-26154
Debian Security Information: DSA-4800 (Google Search)
https://www.debian.org/security/2020/dsa-4800
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BID3HVHAF6DA3YJOFDBSAZSMR3ODNIW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZVZXTFMFTSML3J6OOCDBDYH474BRJSW/
https://bugs.debian.org/968366
https://github.com/libproxy/libproxy/pull/126
https://lists.debian.org/debian-lts-announce/2020/11/msg00024.html
SuSE Security Announcement: openSUSE-SU-2020:1676 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html
SuSE Security Announcement: openSUSE-SU-2020:1680 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00033.html
CopyrightCopyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2025 E-Soft Inc. Todos los derechos reservados.