ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0141
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0141)
Resumen:	The remote host is missing an update for the 'ksh' package(s) announced via the MGASA-2021-0141 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ksh' package(s) announced via the MGASA-2021-0141 advisory. Vulnerability Insight: A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely (CVE-2019-14868). Affected Software/OS: 'ksh' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14868 20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra http://seclists.org/fulldisclosure/2020/May/53 [debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868 https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2 https://support.apple.com/kb/HT211170
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.