Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2020-1742)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.2.2020.1742

Category: Huawei EulerOS Local Security Checks

Title: Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2020-1742)

Summary: The remote host is missing an update for the Huawei EulerOS 'libdb' package(s) announced via the EulerOS-SA-2020-1742 advisory.

Description: Summary:
The remote host is missing an update for the Huawei EulerOS 'libdb' package(s) announced via the EulerOS-SA-2020-1742 advisory.

Vulnerability Insight:
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.(CVE-2017-10140)

Affected Software/OS:
'libdb' package(s) on Huawei EulerOS Virtualization 3.0.6.0.

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-10140
http://www.postfix.org/announcements/postfix-3.2.2.html
https://www.oracle.com/security-alerts/cpujul2020.html
http://seclists.org/oss-sec/2017/q3/285
RedHat Security Advisories: RHSA-2019:0366
https://access.redhat.com/errata/RHSA-2019:0366

Copyright Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.2.2020.1742
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2020-1742)
Summary:	The remote host is missing an update for the Huawei EulerOS 'libdb' package(s) announced via the EulerOS-SA-2020-1742 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'libdb' package(s) announced via the EulerOS-SA-2020-1742 advisory. Vulnerability Insight: Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.(CVE-2017-10140) Affected Software/OS: 'libdb' package(s) on Huawei EulerOS Virtualization 3.0.6.0. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-10140 http://www.postfix.org/announcements/postfix-3.2.2.html https://www.oracle.com/security-alerts/cpujul2020.html http://seclists.org/oss-sec/2017/q3/285 RedHat Security Advisories: RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0366
Copyright	Copyright (C) 2020 Greenbone AG