Board logo

标题: 阿里云ubuntu系统安骑士查出的系统软件漏洞修复命令 [打印本页]

作者: linda    时间: 2017-9-4 18:28     标题: 阿里云ubuntu系统安骑士查出的系统软件漏洞修复命令

CVE-2015-0272 on Ubuntu 14.04 LTS (trusty) - medium | GNOME NetworkManager ‘ipv6/addrconf.c’拒绝服务漏洞
apt-get update && apt-get install linux-headers-3.13.0-65 --only-upgrade

CVE-2017-9074 on Ubuntu 14.04 LTS (trusty) - medium | Linux kernel <= 4.11.1拒绝服务漏洞
apt-get update && apt-get install linux-headers-3.13.0-65 --only-upgrade

CVE-2017-3143 on Ubuntu 14.04 LTS (trusty) - medium | BIND安全绕过漏洞
apt-get update && apt-get install libisccfg90 --only-upgrade

CVE-2016-7993 on Ubuntu 14.04 LTS (trusty) - medium |  tcpdump 缓冲区错误漏洞
apt-get update && apt-get install tcpdump --only-upgrade

CVE-2017-5337 on Ubuntu 14.04 LTS (trusty) - medium | GnuTLS 'lib/opencdk/read-packet.c'缓冲区溢出漏洞
apt-get update && apt-get install libgnutls26 --only-upgrade

CVE-2017-9076 on Ubuntu 14.04 LTS (trusty) - medium | Linux kernel中net/dccp/ipv6.c文件的‘dccp_v6_request_recv_sock’函数存在拒绝服务漏洞
apt-get update && apt-get install linux-headers-3.13.0-65 --only-upgrade

CVE-2015-5277 on Ubuntu 14.04 LTS (trusty) - medium | GNU glibc 本地堆缓冲区溢出漏洞
apt-get update && apt-get install libc6 --only-upgrade

CVE-2017-5483 on Ubuntu 14.04 LTS (trusty) - medium | Tcpdump SNMP解析器缓冲区溢出漏洞
apt-get update && apt-get install tcpdump --only-upgrade

CVE-2016-7938 on Ubuntu 14.04 LTS (trusty) - medium | tcpdump整数溢出漏洞
apt-get update && apt-get install tcpdump --only-upgrade

CVE-2015-8325 on Ubuntu 14.04 LTS (trusty) - low | OpenSSH do_setup_env函数权限提升漏洞
apt-get update && apt-get install openssh-client --only-upgrade

CVE-2016-1762 on Ubuntu 14.04 LTS (trusty) - medium |  libxml2 xmlNextChar函数导致拒绝服务
apt-get update && apt-get install libxml2 --only-upgrade

CVE-2016-0727 on Ubuntu 14.04 LTS (trusty) - low | NTP crontab脚本导致任意文件写入漏洞
apt-get update && apt-get install ntp --only-upgrade

CVE-2016-6321 on Ubuntu 14.04 LTS (trusty) - medium | GNU tar(POINTYFEATHER) 解压路径绕过漏洞
apt-get update && apt-get install tar --only-upgrade

CVE-2017-0553 on Ubuntu 14.04 LTS (trusty) - medium | Google Android libnl整数溢出漏洞导致执行任意代码
apt-get update && apt-get install libnl-genl-3-200 --only-upgrade

CVE-2016-6303 on Ubuntu 14.04 LTS (trusty) - medium | OpenSSL 'MDC2_Update'函数整数溢出漏洞
apt-get update && apt-get install openssl --only-upgrade

CVE-2016-5300 on Ubuntu 14.04 LTS (trusty) - medium | Expat XML解析器拒绝服务漏洞
apt-get update && apt-get install libexpat1 --only-upgrade

CVE-2017-5461 on Ubuntu 14.04 LTS (trusty) - medium | Mozilla NSS 内存破坏漏洞
apt-get update && apt-get install libnss3 --only-upgrade

CVE-2016-6313 on Ubuntu 14.04 LTS (trusty) - high | GnuPG随机数预测漏洞
apt-get update && apt-get install gnupg --only-upgrade
apt-get update && apt-get install libgcrypt11 --only-upgrade

CVE-2015-2059 on Ubuntu 14.04 LTS (trusty) - low |  libidn stringprep_utf8_to_ucs4函数导致越界读取漏洞
apt-get update && apt-get install libidn11 --only-upgrade

CVE-2016-4008 on Ubuntu 14.04 LTS (trusty) - medium | GUN Libtasn1拒绝服务漏洞
apt-get update && apt-get install libtasn1-6 --only-upgrade

CVE-2015-0245 on Ubuntu 14.04 LTS (trusty) - medium | D-Bus本地拒绝服务漏洞
apt-get update && apt-get install dbus --only-upgrade

CVE-2017-6507 on Ubuntu 14.04 LTS (trusty) - medium | Ubuntu AppArmor安全绕过漏洞
apt-get update && apt-get install apparmor --only-upgrade

CVE-2016-0772 on Ubuntu 14.04 LTS (trusty) - medium | CPython 绕过TLS保护
apt-get update && apt-get install python2.7 --only-upgrade




欢迎光临 中神通公司技术论坛 (http://trustcomputing.com.cn/bbs/) Powered by Discuz! 6.0.0