Test ID:	1.3.6.1.4.1.25623.1.0.843755
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3759-1)
Summary:	The remote host is missing an update for the 'libtirpc' package(s) announced via the USN-3759-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libtirpc' package(s) announced via the USN-3759-1 advisory. Vulnerability Insight: Aldy Hernandez discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4429) It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-14622) It was discovered that libtirpc incorrectly handled certain strings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-8779) Affected Software/OS: 'libtirpc' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4429 BugTraq ID: 102073 http://www.securityfocus.com/bid/102073 http://www-01.ibm.com/support/docview.wss?uid=swg21995039 https://source.android.com/security/bulletin/2017-12-01 https://sourceware.org/bugzilla/show_bug.cgi?id=20112 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c https://www.oracle.com//security-alerts/cpujul2021.html https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html SuSE Security Announcement: openSUSE-SU-2016:1527 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html SuSE Security Announcement: openSUSE-SU-2016:1779 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html https://usn.ubuntu.com/3759-1/ https://usn.ubuntu.com/3759-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8779 BugTraq ID: 98325 http://www.securityfocus.com/bid/98325 Debian Security Information: DSA-3845 (Google Search) http://www.debian.org/security/2017/dsa-3845 https://www.exploit-db.com/exploits/41974/ https://security.gentoo.org/glsa/201706-07 http://openwall.com/lists/oss-security/2017/05/03/12 http://openwall.com/lists/oss-security/2017/05/04/1 https://github.com/drbothen/GO-RPCBOMB https://github.com/guidovranken/rpcbomb/ https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/ RedHat Security Advisories: RHBA-2017:1497 https://access.redhat.com/errata/RHBA-2017:1497 RedHat Security Advisories: RHSA-2017:1262 https://access.redhat.com/errata/RHSA-2017:1262 RedHat Security Advisories: RHSA-2017:1263 https://access.redhat.com/errata/RHSA-2017:1263 RedHat Security Advisories: RHSA-2017:1267 https://access.redhat.com/errata/RHSA-2017:1267 RedHat Security Advisories: RHSA-2017:1268 https://access.redhat.com/errata/RHSA-2017:1268 RedHat Security Advisories: RHSA-2017:1395 https://access.redhat.com/errata/RHSA-2017:1395 http://www.securitytracker.com/id/1038532 Common Vulnerability Exposure (CVE) ID: CVE-2018-14622 http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=1c77f7a869bdea2a34799d774460d1f9983d45f0 https://bugzilla.novell.com/show_bug.cgi?id=968175 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14622 https://lists.debian.org/debian-lts-announce/2018/08/msg00034.html RedHat Security Advisories: RHBA-2017:1991 https://access.redhat.com/errata/RHBA-2017:1991
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.