Test Kennung:	1.3.6.1.4.1.25623.1.0.67287
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: curl
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: curl CVE-2010-0734 content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0734 20101027 rPSA-2010-0072-1 curl http://www.securityfocus.com/archive/1/514490/100/0/threaded 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 38843 http://secunia.com/advisories/38843 38981 http://secunia.com/advisories/38981 39087 http://secunia.com/advisories/39087 39734 http://secunia.com/advisories/39734 40220 http://secunia.com/advisories/40220 45047 http://secunia.com/advisories/45047 48256 http://secunia.com/advisories/48256 ADV-2010-0571 http://www.vupen.com/english/advisories/2010/0571 ADV-2010-0602 http://www.vupen.com/english/advisories/2010/0602 ADV-2010-0660 http://www.vupen.com/english/advisories/2010/0660 ADV-2010-0725 http://www.vupen.com/english/advisories/2010/0725 ADV-2010-1481 http://www.vupen.com/english/advisories/2010/1481 APPLE-SA-2010-06-15-1 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html DSA-2023 http://www.debian.org/security/2010/dsa-2023 FEDORA-2010-2720 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037143.html FEDORA-2010-2762 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036744.html GLSA-201203-02 http://security.gentoo.org/glsa/glsa-201203-02.xml MDVSA-2010:062 http://www.mandriva.com/security/advisories?name=MDVSA-2010:062 RHSA-2010:0329 http://www.redhat.com/support/errata/RHSA-2010-0329.html USN-1158-1 http://www.ubuntu.com/usn/USN-1158-1 [oss-security] 20100209 CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/02/09/5 [oss-security] 20100309 Re: CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/03/09/1 [oss-security] 20100316 Re: CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/03/16/11 http://curl.haxx.se/docs/adv_20100209.html http://curl.haxx.se/docs/security.html#20100209 http://curl.haxx.se/libcurl-contentencoding.patch http://support.apple.com/kb/HT4188 http://support.avaya.com/css/P8/documents/100081819 http://wiki.rpath.com/Advisories:rPSA-2010-0072 http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://bugzilla.redhat.com/show_bug.cgi?id=563220 oval:org.mitre.oval:def:10760 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10760 oval:org.mitre.oval:def:6756 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6756
Copyright	Copyright (C) 2010 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.