Test ID:	1.3.6.1.4.1.25623.1.0.120325
Category:	Amazon Linux Local Security Checks
Title:	Amazon Linux: Security Advisory (ALAS-2015-481)
Summary:	The remote host is missing an update for the 'libyaml' package(s) announced via the ALAS-2015-481 advisory.
Description:	Summary: The remote host is missing an update for the 'libyaml' package(s) announced via the ALAS-2015-481 advisory. Vulnerability Insight: An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. (CVE-2014-9130) Affected Software/OS: 'libyaml' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9130 BugTraq ID: 71349 http://www.securityfocus.com/bid/71349 Debian Security Information: DSA-3102 (Google Search) http://www.debian.org/security/2014/dsa-3102 Debian Security Information: DSA-3103 (Google Search) http://www.debian.org/security/2014/dsa-3103 Debian Security Information: DSA-3115 (Google Search) http://www.debian.org/security/2014/dsa-3115 http://www.mandriva.com/security/advisories?name=MDVSA-2014:242 http://www.mandriva.com/security/advisories?name=MDVSA-2015:060 https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure http://www.openwall.com/lists/oss-security/2014/11/28/8 http://www.openwall.com/lists/oss-security/2014/11/28/1 http://www.openwall.com/lists/oss-security/2014/11/29/3 RedHat Security Advisories: RHSA-2015:0100 http://rhn.redhat.com/errata/RHSA-2015-0100.html RedHat Security Advisories: RHSA-2015:0112 http://rhn.redhat.com/errata/RHSA-2015-0112.html RedHat Security Advisories: RHSA-2015:0260 http://rhn.redhat.com/errata/RHSA-2015-0260.html http://secunia.com/advisories/59947 http://secunia.com/advisories/60944 http://secunia.com/advisories/62164 http://secunia.com/advisories/62174 http://secunia.com/advisories/62176 http://secunia.com/advisories/62705 http://secunia.com/advisories/62723 http://secunia.com/advisories/62774 SuSE Security Announcement: openSUSE-SU-2015:0319 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html SuSE Security Announcement: openSUSE-SU-2016:1067 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html http://www.ubuntu.com/usn/USN-2461-1 http://www.ubuntu.com/usn/USN-2461-2 http://www.ubuntu.com/usn/USN-2461-3 XForce ISS Database: libyaml-cve20149130-dos(99047) https://exchange.xforce.ibmcloud.com/vulnerabilities/99047
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.