openSUSE Security Update : libxslt (openSUSE-SU-2013:0585-1)

Medium Nessus Plugin ID 74951

Synopsis

The remote openSUSE host is missing a security update.

Description

Two denial of service problems (crashes with NULL pointer derference) were fixed in libxslt, which could potentially be used by remote attackers to crash libxslt using programs.

Solution

Update the affected libxslt packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=811686

https://lists.opensuse.org/opensuse-updates/2013-04/msg00020.html

Plugin Details

Severity: Medium

ID: 74951

File Name: openSUSE-2013-289.nasl

Version: 1.4

Type: local

Agent: unix

Published: 2014/06/13

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libxslt-debugsource, p-cpe:/a:novell:opensuse:libxslt-devel, p-cpe:/a:novell:opensuse:libxslt-devel-32bit, p-cpe:/a:novell:opensuse:libxslt-python, p-cpe:/a:novell:opensuse:libxslt-python-debuginfo, p-cpe:/a:novell:opensuse:libxslt-python-debugsource, p-cpe:/a:novell:opensuse:libxslt-tools, p-cpe:/a:novell:opensuse:libxslt-tools-debuginfo, p-cpe:/a:novell:opensuse:libxslt1, p-cpe:/a:novell:opensuse:libxslt1-32bit, p-cpe:/a:novell:opensuse:libxslt1-debuginfo, p-cpe:/a:novell:opensuse:libxslt1-debuginfo-32bit, cpe:/o:novell:opensuse:12.1, cpe:/o:novell:opensuse:12.2, cpe:/o:novell:opensuse:12.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/03/26

Reference Information

CVE: CVE-2012-6139