 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.13.2022.016.01 |
| Categoría: | Slackware Local Security Checks |
| Título: | Slackware: Security Advisory (SSA:2022-016-01) |
| Resumen: | The remote host is missing an update for the 'expat' package(s) announced via the SSA:2022-016-01 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'expat' package(s) announced via the SSA:2022-016-01 advisory. Vulnerability Insight: New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/expat-2.4.3-i586-1_slack14.2.txz: Upgraded. Fix issues with left shifts by >=29 places resulting in: a) realloc acting as free b) realloc allocating too few bytes c) undefined behavior Fix integer overflow on variable m_groupSize in function doProlog leading to realloc acting as free. Impact is denial of service or other undefined behavior. Prevent integer overflows near memory allocation at multiple places. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'expat' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2021-45960 Debian Security Information: DSA-5073 (Google Search) https://www.debian.org/security/2022/dsa-5073 https://security.gentoo.org/glsa/202209-24 https://bugzilla.mozilla.org/show_bug.cgi?id=1217609 https://github.com/libexpat/libexpat/issues/531 https://github.com/libexpat/libexpat/pull/534 http://www.openwall.com/lists/oss-security/2022/01/17/3 Common Vulnerability Exposure (CVE) ID: CVE-2021-46143 https://github.com/libexpat/libexpat/issues/532 https://github.com/libexpat/libexpat/pull/538 Common Vulnerability Exposure (CVE) ID: CVE-2022-22822 https://github.com/libexpat/libexpat/pull/539 Common Vulnerability Exposure (CVE) ID: CVE-2022-22823 Common Vulnerability Exposure (CVE) ID: CVE-2022-22824 Common Vulnerability Exposure (CVE) ID: CVE-2022-22825 Common Vulnerability Exposure (CVE) ID: CVE-2022-22826 Common Vulnerability Exposure (CVE) ID: CVE-2022-22827 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |