|Category:||Red Hat Local Security Checks|
|Title:||RedHat Update for libsoup RHSA-2017:2459-01|
|Summary:||The remote host is missing an update for the 'libsoup'; package(s) announced via the referenced advisory.|
The remote host is missing an update for the 'libsoup'
package(s) announced via the referenced advisory.
The libsoup packages provide an HTTP client
and server library for GNOME. Security Fix(es): * A stack-based buffer overflow
flaw was discovered within the HTTP processing of libsoup. A remote attacker
could exploit this flaw to cause a crash or, potentially, execute arbitrary code
by sending a specially crafted HTTP request to a server using the libsoup HTTP
server functionality or by tricking a user into connecting to a malicious HTTP
server with an application using the libsoup HTTP client functionality.
(CVE-2017-2885) Red Hat would like to thank Aleksandar Nikolic (Cisco Talos) for
reporting this issue.
libsoup on Red Hat Enterprise Linux Server (v. 7)
Please Install the Updated Packages.
Common Vulnerability Exposure (CVE) ID: CVE-2017-2885|
BugTraq ID: 100258
Debian Security Information: DSA-3929 (Google Search)
RedHat Security Advisories: RHSA-2017:2459
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.