Test Kennung:	1.3.6.1.4.1.25623.1.0.120034
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2015-551)
Zusammenfassung:	The remote host is missing an update for the 'curl' package(s) announced via the ALAS-2015-551 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'curl' package(s) announced via the ALAS-2015-551 advisory. Vulnerability Insight: As discussed upstream, libcurl can wrongly send HTTP credentials when re-using connections. (CVE-2015-3236) Also discussed upstream, libcurl can get tricked by a malicious SMB server to send off data it did not intend to. (CVE-2015-3237) Affected Software/OS: 'curl' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3236 BugTraq ID: 75385 http://www.securityfocus.com/bid/75385 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html https://security.gentoo.org/glsa/201509-02 Common Vulnerability Exposure (CVE) ID: CVE-2015-3237 BugTraq ID: 75387 http://www.securityfocus.com/bid/75387 http://www.securitytracker.com/id/1036371
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.