Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.2.2020.2212
Category:Huawei EulerOS Local Security Checks
Title:Huawei EulerOS: Security Advisory for less (EulerOS-SA-2020-2212)
Summary:The remote host is missing an update for the Huawei EulerOS; 'less' package(s) announced via the EulerOS-SA-2020-2212 advisory.
Description:Summary:
The remote host is missing an update for the Huawei EulerOS
'less' package(s) announced via the EulerOS-SA-2020-2212 advisory.

Vulnerability Insight:
An out of bound read, with a maximum of 5 bytes, was found in the way the is_utf8_well_formed() function parsed UTF-8 characters. If less was to be recompiled with an address sanitizer, a specially crafted input could crash less.(CVE-2014-9488)

Affected Software/OS:
'less' package(s) on Huawei EulerOS Virtualization 3.0.2.2.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-9488
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159449.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:199
https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
SuSE Security Announcement: openSUSE-SU-2015:0595 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-03/msg00077.html
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.