Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2013:133 | First vendor Publication | 2013-04-10 |
Vendor | Mandriva | Last vendor Modification | 2013-04-10 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.6 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Updated usbmuxd packages fix security vulnerability: It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user (CVE-2012-0065). |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2013:133 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17581 | |||
Oval ID: | oval:org.mitre.oval:def:17581 | ||
Title: | USN-1354-1 -- usbmuxd vulnerability | ||
Description: | usbmuxd could be made to crash or run programs if it received specially crafted input. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1354-1 CVE-2012-0065 | Version: | 7 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 | Product(s): | usbmuxd |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-17 | Name : Mandriva Update for usbmuxd MDVSA-2012:133 (usbmuxd) File : nvt/gb_mandriva_MDVSA_2012_133.nasl |
2012-04-02 | Name : Fedora Update for usbmuxd FEDORA-2012-1192 File : nvt/gb_fedora_2012_1192_usbmuxd_fc16.nasl |
2012-03-12 | Name : Gentoo Security Advisory GLSA 201203-11 (usbmuxd) File : nvt/glsa_201203_11.nasl |
2012-02-21 | Name : Fedora Update for usbmuxd FEDORA-2012-1213 File : nvt/gb_fedora_2012_1213_usbmuxd_fc15.nasl |
2012-02-03 | Name : Ubuntu Update for usbmuxd USN-1354-1 File : nvt/gb_ubuntu_USN_1354_1.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-140.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_iproxy-120223.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-133.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-133.nasl - Type : ACT_GATHER_INFO |
2012-03-12 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_usbmuxd-120223.nasl - Type : ACT_GATHER_INFO |
2012-03-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-11.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1192.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1213.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1354-1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:43:43 |
|
2013-04-10 21:18:29 |
|