Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0257
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0257)
Summary:	The remote host is missing an update for the 'kmod-vboxadditions, kmod-virtualbox, virtualbox' package(s) announced via the MGASA-2018-0257 advisory.
Description:	Summary: The remote host is missing an update for the 'kmod-vboxadditions, kmod-virtualbox, virtualbox' package(s) announced via the MGASA-2018-0257 advisory. Vulnerability Insight: This update provides virtualbox 5.2.12 and fixes the following security issues: Unauthorized remote attacker may have caused a hang or frequently repeatable crash (complete DOS) (CVE-2018-0739). Attacker with host login may have compromised Virtualbox or further system services after interaction with a third user (CVE-2018-2830). Attacker with host login may have compromised VirtualBox or further system services, allowing read access to some data (CVE-2018-2831). Attacker with host login may have gained control over VirtualBox and possibly further system services after interacting with a third user (CVE-2018-2835, CVE-2018-2836, CVE-2018-2837, CVE-2018-2842, CVE-2018-2843, CVE-2018-2844). Attacker with host login may have caused a hang or frequently repeatable crash (complete DOS), and perform unauthorized read and write operation to some VirtualBox accessible data (CVE-2018-2845). Privileged attacker may have gained control over VirtualBox and possibly further system services (CVE-2018-2860). For other fixes in this update, see the referenced changelog Affected Software/OS: 'kmod-vboxadditions, kmod-virtualbox, virtualbox' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-0739 BugTraq ID: 103518 http://www.securityfocus.com/bid/103518 BugTraq ID: 105609 http://www.securityfocus.com/bid/105609 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ https://security.netapp.com/advisory/ntap-20180330-0002/ https://security.netapp.com/advisory/ntap-20180726-0002/ https://securityadvisories.paloaltonetworks.com/Home/Detail/133 https://www.openssl.org/news/secadv/20180327.txt https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.tenable.com/security/tns-2018-04 https://www.tenable.com/security/tns-2018-06 https://www.tenable.com/security/tns-2018-07 Debian Security Information: DSA-4157 (Google Search) https://www.debian.org/security/2018/dsa-4157 Debian Security Information: DSA-4158 (Google Search) https://www.debian.org/security/2018/dsa-4158 https://security.gentoo.org/glsa/201811-21 https://security.gentoo.org/glsa/202007-53 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html RedHat Security Advisories: RHSA-2018:3090 https://access.redhat.com/errata/RHSA-2018:3090 RedHat Security Advisories: RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0366 RedHat Security Advisories: RHSA-2019:0367 https://access.redhat.com/errata/RHSA-2019:0367 RedHat Security Advisories: RHSA-2019:1711 https://access.redhat.com/errata/RHSA-2019:1711 RedHat Security Advisories: RHSA-2019:1712 https://access.redhat.com/errata/RHSA-2019:1712 http://www.securitytracker.com/id/1040576 https://usn.ubuntu.com/3611-1/ https://usn.ubuntu.com/3611-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-2830 BugTraq ID: 103856 http://www.securityfocus.com/bid/103856 https://security.gentoo.org/glsa/201805-08 http://www.securitytracker.com/id/1040707 Common Vulnerability Exposure (CVE) ID: CVE-2018-2831 BugTraq ID: 103863 http://www.securityfocus.com/bid/103863 Common Vulnerability Exposure (CVE) ID: CVE-2018-2835 BugTraq ID: 103857 http://www.securityfocus.com/bid/103857 Common Vulnerability Exposure (CVE) ID: CVE-2018-2836 BugTraq ID: 103858 http://www.securityfocus.com/bid/103858 Common Vulnerability Exposure (CVE) ID: CVE-2018-2837 BugTraq ID: 103859 http://www.securityfocus.com/bid/103859 Common Vulnerability Exposure (CVE) ID: CVE-2018-2842 BugTraq ID: 103853 http://www.securityfocus.com/bid/103853 Common Vulnerability Exposure (CVE) ID: CVE-2018-2843 BugTraq ID: 103854 http://www.securityfocus.com/bid/103854 Common Vulnerability Exposure (CVE) ID: CVE-2018-2844 BugTraq ID: 103855 http://www.securityfocus.com/bid/103855 https://www.voidsecurity.in/2018/08/from-compiler-optimization-to-code.html Common Vulnerability Exposure (CVE) ID: CVE-2018-2845 BugTraq ID: 103861 http://www.securityfocus.com/bid/103861 Common Vulnerability Exposure (CVE) ID: CVE-2018-2860 BugTraq ID: 103860 http://www.securityfocus.com/bid/103860
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.