Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0035)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2022.0035

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2022-0035)

Resumen: The remote host is missing an update for the 'mysql-connector-c++' package(s) announced via the MGASA-2022-0035 advisory.

Descripción: Summary:
The remote host is missing an update for the 'mysql-connector-c++' package(s) announced via the MGASA-2022-0035 advisory.

Vulnerability Insight:
Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt.
(CVE-2021-3711)
Denial of Service attack due to possible non-zero terminated strings.
(CVE-2021-3712)

Affected Software/OS:
'mysql-connector-c++' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://www.openssl.org/news/secadv/20210824.txt
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
Debian Security Information: DSA-4963 (Google Search)
https://www.debian.org/security/2021/dsa-4963
https://security.gentoo.org/glsa/202209-02
https://security.gentoo.org/glsa/202210-02
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
http://www.openwall.com/lists/oss-security/2021/08/26/2
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
Common Vulnerability Exposure (CVE) ID: CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0035
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0035)
Resumen:	The remote host is missing an update for the 'mysql-connector-c++' package(s) announced via the MGASA-2022-0035 advisory.
Descripción:	Summary: The remote host is missing an update for the 'mysql-connector-c++' package(s) announced via the MGASA-2022-0035 advisory. Vulnerability Insight: Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt. (CVE-2021-3711) Denial of Service attack due to possible non-zero terminated strings. (CVE-2021-3712) Affected Software/OS: 'mysql-connector-c++' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3711 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 https://security.netapp.com/advisory/ntap-20210827-0010/ https://security.netapp.com/advisory/ntap-20211022-0003/ https://www.openssl.org/news/secadv/20210824.txt https://www.tenable.com/security/tns-2021-16 https://www.tenable.com/security/tns-2022-02 Debian Security Information: DSA-4963 (Google Search) https://www.debian.org/security/2021/dsa-4963 https://security.gentoo.org/glsa/202209-02 https://security.gentoo.org/glsa/202210-02 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html http://www.openwall.com/lists/oss-security/2021/08/26/2 https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2021-3712 https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
Copyright	Copyright (C) 2022 Greenbone AG