|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for log4net (DLA-2211-1)|
|Summary:||The remote host is missing an update for the 'log4net'; package(s) announced via the DLA-2211-1 advisory.|
The remote host is missing an update for the 'log4net'
package(s) announced via the DLA-2211-1 advisory.
It was discovered that there was an XML external entity vulnerability
in log4net, a logging API for the ECMA Common Language Infrastructure
(CLI), sometimes referred to as 'Mono'.
This type of attack occurs when XML input containing a reference to
an internet-faced entity is processed by a weakly configured XML
parser. This attack may lead to the disclosure of confidential data,
denial of service, server side request forgery as well as other
'log4net' package(s) on Debian Linux.
For Debian 8 'Jessie', this issue has been fixed in log4net version
We recommend that you upgrade your log4net packages.
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.