Test ID:	1.3.6.1.4.1.25623.1.1.2.2019.1231
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1231)
Summary:	The remote host is missing an update for the Huawei EulerOS 'binutils' package(s) announced via the EulerOS-SA-2019-1231 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'binutils' package(s) announced via the EulerOS-SA-2019-1231 advisory. Vulnerability Insight: binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000876) Affected Software/OS: 'binutils' package(s) on Huawei EulerOS Virtualization 2.5.4. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1000876 BugTraq ID: 106304 http://www.securityfocus.com/bid/106304 https://sourceware.org/bugzilla/show_bug.cgi?id=23994 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f RedHat Security Advisories: RHSA-2019:2075 https://access.redhat.com/errata/RHSA-2019:2075 SuSE Security Announcement: openSUSE-SU-2019:2415 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html SuSE Security Announcement: openSUSE-SU-2019:2432 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html https://usn.ubuntu.com/4336-1/
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.