Test ID:	1.3.6.1.4.1.25623.1.0.842557
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2834-1)
Summary:	The remote host is missing an update for the 'libxml2' package(s) announced via the USN-2834-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the USN-2834-1 advisory. Vulnerability Insight: Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500) Hugh Davenport discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8241, CVE-2015-8242) Hanno Boeck discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-8317) Affected Software/OS: 'libxml2' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 15.04, Ubuntu 15.10. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5312 1034243 http://www.securitytracker.com/id/1034243 79536 http://www.securityfocus.com/bid/79536 APPLE-SA-2016-03-21-1 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html APPLE-SA-2016-03-21-2 http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html APPLE-SA-2016-03-21-3 http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html APPLE-SA-2016-03-21-5 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html DSA-3430 http://www.debian.org/security/2015/dsa-3430 GLSA-201701-37 https://security.gentoo.org/glsa/201701-37 HPSBGN03537 http://marc.info/?l=bugtraq&m=145382616617563&w=2 RHSA-2015:2549 http://rhn.redhat.com/errata/RHSA-2015-2549.html RHSA-2015:2550 http://rhn.redhat.com/errata/RHSA-2015-2550.html RHSA-2016:1089 http://rhn.redhat.com/errata/RHSA-2016-1089.html USN-2834-1 http://www.ubuntu.com/usn/USN-2834-1 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://xmlsoft.org/news.html https://bugzilla.redhat.com/show_bug.cgi?id=1276693 https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172 https://support.apple.com/HT206166 https://support.apple.com/HT206167 https://support.apple.com/HT206168 https://support.apple.com/HT206169 openSUSE-SU-2015:2372 http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html openSUSE-SU-2016:0106 http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7497 79508 http://www.securityfocus.com/bid/79508 https://bugzilla.redhat.com/show_bug.cgi?id=1281862 https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9 Common Vulnerability Exposure (CVE) ID: CVE-2015-7498 79548 http://www.securityfocus.com/bid/79548 https://bugzilla.redhat.com/show_bug.cgi?id=1281879 https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43 Common Vulnerability Exposure (CVE) ID: CVE-2015-7499 79509 http://www.securityfocus.com/bid/79509 https://bugzilla.redhat.com/show_bug.cgi?id=1281925 https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da Common Vulnerability Exposure (CVE) ID: CVE-2015-7500 79562 http://www.securityfocus.com/bid/79562 https://bugzilla.redhat.com/show_bug.cgi?id=1281943 https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f Common Vulnerability Exposure (CVE) ID: CVE-2015-8241 BugTraq ID: 77621 http://www.securityfocus.com/bid/77621 Debian Security Information: DSA-3430 (Google Search) HPdes Security Advisory: HPSBGN03537 http://www.openwall.com/lists/oss-security/2015/11/17/5 http://www.openwall.com/lists/oss-security/2015/11/18/23 RedHat Security Advisories: RHSA-2015:2549 RedHat Security Advisories: RHSA-2015:2550 RedHat Security Advisories: RHSA-2016:1089 SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search) SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2015-8242 BugTraq ID: 77681 http://www.securityfocus.com/bid/77681 Common Vulnerability Exposure (CVE) ID: CVE-2015-8317 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html BugTraq ID: 91826 http://www.securityfocus.com/bid/91826 https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html http://www.openwall.com/lists/oss-security/2015/11/21/1 http://www.openwall.com/lists/oss-security/2015/11/22/3
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.