Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2021.0932.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2021:0932-1)
Resumen:The remote host is missing an update for the 'nghttp2' package(s) announced via the SUSE-SU-2021:0932-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'nghttp2' package(s) announced via the SUSE-SU-2021:0932-1 advisory.

Vulnerability Insight:
This update for nghttp2 fixes the following issues:

Security issues fixed:

CVE-2020-11080: HTTP/2 Large Settings Frame DoS (bsc#1181358).

CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to
resource loops, potentially leading to a denial of service (bsc#1146184).

CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to
window size manipulation and stream prioritization manipulation,
potentially leading to a denial of service (bsc#1146182).

CVE-2018-1000168: Fixed ALTSVC frame client side denial of service
(bsc#1088639).

CVE-2016-1544: Fixed out of memory due to unlimited incoming HTTP header
fields (bsc#966514).

Bug fixes and enhancements:

Packages must not mark license files as %doc (bsc#1082318)

Typo in description of libnghttp2_asio1 (bsc#962914)

Fixed mistake in spec file (bsc#1125689)

Fixed build issue with boost 1.70.0 (bsc#1134616)

Fixed build issue with GCC 6 (bsc#964140)

Feature: Add W&S module (FATE#326776, bsc#1112438)

Affected Software/OS:
'nghttp2' package(s) on HPE Helion Openstack 8, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 12-SP4, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-1544
Common Vulnerability Exposure (CVE) ID: CVE-2019-9511
Bugtraq: 20190822 [SECURITY] [DSA 4505-1] nginx security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/40
Bugtraq: 20190902 [SECURITY] [DSA 4511-1] nghttp2 security update (Google Search)
https://seclists.org/bugtraq/2019/Sep/1
CERT/CC vulnerability note: VU#605641
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://security.netapp.com/advisory/ntap-20190823-0002/
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K02591030
https://support.f5.com/csp/article/K02591030?utm_source=f5support&utm_medium=RSS
https://www.synology.com/security/advisory/Synology_SA_19_33
Debian Security Information: DSA-4505 (Google Search)
https://www.debian.org/security/2019/dsa-4505
Debian Security Information: DSA-4511 (Google Search)
https://www.debian.org/security/2019/dsa-4511
Debian Security Information: DSA-4669 (Google Search)
https://www.debian.org/security/2020/dsa-4669
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BP556LEG3WENHZI5TAQ6ZEBFTJB4E2IS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XHTKU7YQ5EEP2XNSAV4M4VJ7QCBOJMOD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPAEC4FWL4UU4LDEGPY5NPALU24FFQD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZLUYPYY3RX4ZJDWZRJIKSULYRJ4PXW7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUBYAF6ED3O4XCHQ5C2HYENJLXYXZC4M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TAZZEVTCN2B4WT6AIBJ7XGYJMBTORJU5/
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
RedHat Security Advisories: RHSA-2019:2692
https://access.redhat.com/errata/RHSA-2019:2692
RedHat Security Advisories: RHSA-2019:2745
https://access.redhat.com/errata/RHSA-2019:2745
RedHat Security Advisories: RHSA-2019:2746
https://access.redhat.com/errata/RHSA-2019:2746
RedHat Security Advisories: RHSA-2019:2775
https://access.redhat.com/errata/RHSA-2019:2775
RedHat Security Advisories: RHSA-2019:2799
https://access.redhat.com/errata/RHSA-2019:2799
RedHat Security Advisories: RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2925
RedHat Security Advisories: RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2939
RedHat Security Advisories: RHSA-2019:2949
https://access.redhat.com/errata/RHSA-2019:2949
RedHat Security Advisories: RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2955
RedHat Security Advisories: RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:2966
RedHat Security Advisories: RHSA-2019:3041
https://access.redhat.com/errata/RHSA-2019:3041
RedHat Security Advisories: RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3932
RedHat Security Advisories: RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3933
RedHat Security Advisories: RHSA-2019:3935
https://access.redhat.com/errata/RHSA-2019:3935
RedHat Security Advisories: RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4018
RedHat Security Advisories: RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4019
RedHat Security Advisories: RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4020
RedHat Security Advisories: RHSA-2019:4021
https://access.redhat.com/errata/RHSA-2019:4021
SuSE Security Announcement: openSUSE-SU-2019:2114 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
SuSE Security Announcement: openSUSE-SU-2019:2115 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
SuSE Security Announcement: openSUSE-SU-2019:2120 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html
SuSE Security Announcement: openSUSE-SU-2019:2232 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html
SuSE Security Announcement: openSUSE-SU-2019:2234 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html
SuSE Security Announcement: openSUSE-SU-2019:2264 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html
https://usn.ubuntu.com/4099-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9513
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.