Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Huawei EulerOS Local Security Checks
Title:Huawei EulerOS: Security Advisory for PyYAML (EulerOS-SA-2020-2475)
Summary:The remote host is missing an update for the Huawei EulerOS; 'PyYAML' package(s) announced via the EulerOS-SA-2020-2475 advisory.
The remote host is missing an update for the Huawei EulerOS
'PyYAML' package(s) announced via the EulerOS-SA-2020-2475 advisory.

Vulnerability Insight:
A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of SMS protocol data units (PDUs) that are encoded with a special character set. An attacker could exploit this vulnerability by sending a malicious SMS message to an affected device. A successful exploit could allow the attacker to cause the wireless WAN (WWAN) cellular interface module on an affected device to crash, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.(CVE-2019-1747)

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.(CVE-2019-20477)

Affected Software/OS:
'PyYAML' package(s) on Huawei EulerOS Virtualization

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-1747
BugTraq ID: 107599
Cisco Security Advisory: 20190327 Cisco IOS and IOS XE Software Short Message Service Denial of Service Vulnerability
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2020 E-Soft Inc. All rights reserved.