
Test ID: 1.3.6.1.4.1.25623.1.0.140035
Category: F5 Local Security Checks
Title: F5 BIG-IP - Expat XML library vulnerability CVE-2016-5300
Summary: F5 BIG-IP is prone to a vulnerability in the Expat XML library. This VT has been deprecated as a duplicate of the VT 'F5 BIG-IP - Expat XML library vulnerability CVE-2016-5300' (OID: 1.3.6.1.4.1.25623.1.0.140638).
Description:
Summary:
F5 BIG-IP is prone to a vulnerability in the Expat XML library.

This VT has been deprecated as a duplicate of the VT 'F5 BIG-IP - Expat XML library vulnerability
CVE-2016-5300' (OID: 1.3.6.1.4.1.25623.1.0.140638).

Vulnerability Insight:
The XML parser in Expat does not use sufficient entropy for hash
initialization, which allows context-dependent attackers to cause a denial of service (CPU
consumption) via crafted identifiers in an XML document.

Vulnerability Impact:
An attacker may be able to cause a denial-of-service (DoS) attack
via crafted identifiers in an XML document.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2016-5300
BugTraq ID: 91159
http://www.securityfocus.com/bid/91159
Debian Security Information: DSA-3597
http://www.debian.org/security/2016/dsa-3597
https://security.gentoo.org/glsa/201701-21
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
http://www.openwall.com/lists/oss-security/2016/06/04/4
http://www.openwall.com/lists/oss-security/2016/06/04/5
http://www.ubuntu.com/usn/USN-3010-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-0876
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
BugTraq ID: 52379
http://www.securityfocus.com/bid/52379
Debian Security Information: DSA-2525
http://www.debian.org/security/2012/dsa-2525
http://www.mandriva.com/security/advisories?name=MDVSA-2012:041
http://bugs.python.org/issue13703#msg151870
http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html
RedHat Security Advisories: RHSA-2012:0731
http://rhn.redhat.com/errata/RHSA-2012-0731.html
RedHat Security Advisories: RHSA-2016:0062
http://rhn.redhat.com/errata/RHSA-2016-0062.html
RedHat Security Advisories: RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://secunia.com/advisories/49504
http://secunia.com/advisories/51024
http://secunia.com/advisories/51040
http://www.ubuntu.com/usn/USN-1527-1
http://www.ubuntu.com/usn/USN-1613-1
http://www.ubuntu.com/usn/USN-1613-2
Copyright: Copyright (C) 2016 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.