Test ID:	1.3.6.1.4.1.25623.1.0.882909
Category:	CentOS Local Security Checks
Title:	CentOS Update for xmlrpc-client CESA-2018:1780 centos7
Summary:	Check the version of xmlrpc-client
Description:	Summary: Check the version of xmlrpc-client Vulnerability Insight: Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Security Fix(es): * xmlrpc: Deserialization of untrusted Java object through ex:serializable tag (CVE-2016-5003) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: xmlrpc-client on CentOS 7 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5003 https://security.gentoo.org/glsa/202401-26 1036294 http://www.securitytracker.com/id/1036294 91736 http://www.securityfocus.com/bid/91736 91738 http://www.securityfocus.com/bid/91738 RHSA-2018:1779 https://access.redhat.com/errata/RHSA-2018:1779 RHSA-2018:1780 https://access.redhat.com/errata/RHSA-2018:1780 RHSA-2018:1784 https://access.redhat.com/errata/RHSA-2018:1784 RHSA-2018:2317 https://access.redhat.com/errata/RHSA-2018:2317 RHSA-2018:3768 https://access.redhat.com/errata/RHSA-2018:3768 [oss-security] 20160712 Vulnerabilities in Apache Archiva http://www.openwall.com/lists/oss-security/2016/07/12/5 [oss-security] 20200116 [CVE-2019-17570] xmlrpc-common untrusted deserialization http://www.openwall.com/lists/oss-security/2020/01/16/1 [oss-security] 20200124 RE: [CVE-2019-17570] xmlrpc-common untrusted deserialization http://www.openwall.com/lists/oss-security/2020/01/24/2 apache-archiva-cve20165003-code-exec(115043) https://exchange.xforce.ibmcloud.com/vulnerabilities/115043 https://0ang3el.blogspot.ru/2016/07/beware-of-ws-xmlrpc-library-in-your.html
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.