Test ID:	1.3.6.1.4.1.25623.1.0.70044
Category:	Fedora Local Security Checks
Title:	Fedora Core 15 FEDORA-2011-9494 (xml-security-c)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to xml-security-c announced via advisory FEDORA-2011-9494. Update Information: Fix CVE-2011-2516: Apache Santuario XML Security for C++ contains buffer overflows signing or verifying with large keys. References: [ 1 ] Bug #719698 - CVE-2011-2516 xml-security-c: Stack-based buffer overflows when creating or verifying XML Signatures with RSA keys of sizes >= 8192 bits https://bugzilla.redhat.com/show_bug.cgi?id=719698 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update xml-security-c' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2011-9494 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2516 1025755 http://www.securitytracker.com/id?1025755 20110707 Security Advisory: CVE-2011-2516 http://www.securityfocus.com/archive/1/518756/100/0/threaded 45151 http://secunia.com/advisories/45151 45191 http://secunia.com/advisories/45191 45198 http://secunia.com/advisories/45198 45491 http://secunia.com/advisories/45491 48611 http://www.securityfocus.com/bid/48611 DSA-2277 http://www.debian.org/security/2011/dsa-2277 FEDORA-2011-9494 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063229.html FEDORA-2011-9501 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063159.html [santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E [santuario-commits] 20210917 svn commit: r1076843 - in /websites/production/santuario/content: cache/main.pageCache index.html javaindex.html secadv.data/CVE-2021-40690.txt.asc secadv.html https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E apache-xml-dos(68420) https://exchange.xforce.ibmcloud.com/vulnerabilities/68420 http://santuario.apache.org/secadv/CVE-2011-2516.txt http://shibboleth.internet2.edu/secadv/secadv_20110706.txt https://issues.apache.org/jira/browse/SANTUARIO-271
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.