Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2013.1627.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2013:1627-1)
Summary:The remote host is missing an update for the 'libxml2' package(s) announced via the SUSE-SU-2013:1627-1 advisory.
Description:Summary:
The remote host is missing an update for the 'libxml2' package(s) announced via the SUSE-SU-2013:1627-1 advisory.

Vulnerability Insight:
libxml2 has been updated to fix the following security issue:

* CVE-2013-0338: libxml2 allowed context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka 'internal entity expansion' with linear complexity.

Security Issue references:

* CVE-2013-0338
>
* CVE-2013-0339
>
* CVE-2012-5134
>
* CVE-2012-2807
>
* CVE-2011-3102
>
* CVE-2012-0841
>
* CVE-2011-3919
>
* CVE-2013-2877
>

Affected Software/OS:
'libxml2' package(s) on SUSE Linux Enterprise Server 10 SP4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3102
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
BugTraq ID: 53540
http://www.securityfocus.com/bid/53540
Debian Security Information: DSA-2479 (Google Search)
http://www.debian.org/security/2012/dsa-2479
http://www.mandriva.com/security/advisories?name=MDVSA-2012:098
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
RedHat Security Advisories: RHSA-2013:0217
http://rhn.redhat.com/errata/RHSA-2013-0217.html
http://www.securitytracker.com/id?1027067
http://secunia.com/advisories/49243
http://secunia.com/advisories/50658
http://secunia.com/advisories/54886
http://secunia.com/advisories/55568
SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
SuSE Security Announcement: openSUSE-SU-2012:0656 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html
SuSE Security Announcement: openSUSE-SU-2012:0731 (Google Search)
https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.html
XForce ISS Database: google-chrome-libxml-code-exec(75607)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75607
Common Vulnerability Exposure (CVE) ID: CVE-2011-3919
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
BugTraq ID: 51300
http://www.securityfocus.com/bid/51300
Debian Security Information: DSA-2394 (Google Search)
http://www.debian.org/security/2012/dsa-2394
http://www.mandriva.com/security/advisories?name=MDVSA-2012:005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504
http://www.securitytracker.com/id?1026487
http://secunia.com/advisories/47449
Common Vulnerability Exposure (CVE) ID: CVE-2012-0841
BugTraq ID: 52107
http://www.securityfocus.com/bid/52107
Debian Security Information: DSA-2417 (Google Search)
http://www.debian.org/security/2012/dsa-2417
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846
http://www.openwall.com/lists/oss-security/2012/02/22/1
RedHat Security Advisories: RHSA-2012:0324
http://rhn.redhat.com/errata/RHSA-2012-0324.html
http://securitytracker.com/id?1026723
Common Vulnerability Exposure (CVE) ID: CVE-2012-2807
BugTraq ID: 54718
http://www.securityfocus.com/bid/54718
Debian Security Information: DSA-2521 (Google Search)
http://www.debian.org/security/2012/dsa-2521
http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
http://secunia.com/advisories/50800
SuSE Security Announcement: openSUSE-SU-2012:0813 (Google Search)
https://hermes.opensuse.org/messages/15075728
SuSE Security Announcement: openSUSE-SU-2012:0975 (Google Search)
https://hermes.opensuse.org/messages/15375990
http://www.ubuntu.com/usn/USN-1587-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-5134
BugTraq ID: 56684
http://www.securityfocus.com/bid/56684
Debian Security Information: DSA-2580 (Google Search)
http://www.debian.org/security/2012/dsa-2580
RedHat Security Advisories: RHSA-2012:1512
http://rhn.redhat.com/errata/RHSA-2012-1512.html
http://www.securitytracker.com/id?1027815
http://secunia.com/advisories/51448
SuSE Security Announcement: openSUSE-SU-2012:1637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:0178 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html
http://www.ubuntu.com/usn/USN-1656-1
XForce ISS Database: google-libxml-buffer-underflow(80294)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80294
Common Vulnerability Exposure (CVE) ID: CVE-2013-0338
Debian Security Information: DSA-2652 (Google Search)
http://www.debian.org/security/2013/dsa-2652
HPdes Security Advisory: HPSBGN03302
http://marc.info/?l=bugtraq&m=142798889927587&w=2
HPdes Security Advisory: SSRT101996
http://secunia.com/advisories/52662
SuSE Security Announcement: openSUSE-SU-2013:0552 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00112.html
SuSE Security Announcement: openSUSE-SU-2013:0555 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00114.html
http://www.ubuntu.com/usn/USN-1782-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0339
https://bugzilla.redhat.com/show_bug.cgi?id=915149
https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f
http://openwall.com/lists/oss-security/2013/02/21/24
http://openwall.com/lists/oss-security/2013/02/22/3
http://www.openwall.com/lists/oss-security/2013/04/12/6
http://seclists.org/oss-sec/2013/q4/182
http://seclists.org/oss-sec/2013/q4/184
http://seclists.org/oss-sec/2013/q4/188
http://secunia.com/advisories/54172
http://www.ubuntu.com/usn/USN-1904-1
http://www.ubuntu.com/usn/USN-1904-2
Common Vulnerability Exposure (CVE) ID: CVE-2013-2877
BugTraq ID: 61050
http://www.securityfocus.com/bid/61050
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Debian Security Information: DSA-2724 (Google Search)
http://www.debian.org/security/2013/dsa-2724
Debian Security Information: DSA-2779 (Google Search)
http://www.debian.org/security/2013/dsa-2779
http://seclists.org/fulldisclosure/2014/Dec/23
SuSE Security Announcement: openSUSE-SU-2013:1221 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-07/msg00063.html
SuSE Security Announcement: openSUSE-SU-2013:1246 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-07/msg00077.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.