Test Kennung:	1.3.6.1.4.1.25623.1.0.883093
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for curl CESA-2019:1880 centos7
Zusammenfassung:	The remote host is missing an update for the 'curl'; package(s) announced via the CESA-2019:1880 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'curl' package(s) announced via the CESA-2019:1880 advisory. Vulnerability Insight: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: NTLM password overflow via integer overflow (CVE-2018-14618) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * baseurl with file:// hangs and then timeout in yum repo (BZ#1709474) * curl crashes on http links with rate-limit (BZ#1711914) Affected Software/OS: 'curl' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-14618 Debian Security Information: DSA-4286 (Google Search) https://www.debian.org/security/2018/dsa-4286 https://security.gentoo.org/glsa/201903-03 RedHat Security Advisories: RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2018:3558 RedHat Security Advisories: RHSA-2019:1880 https://access.redhat.com/errata/RHSA-2019:1880 http://www.securitytracker.com/id/1041605 https://usn.ubuntu.com/3765-1/ https://usn.ubuntu.com/3765-2/
Copyright	Copyright (C) 2019 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.