Slackware Local Security Checks : Slackware: Security Advisory (SSA:2016-308-01)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.13.2016.308.01
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2016-308-01)
Zusammenfassung:	The remote host is missing an update for the 'curl' package(s) announced via the SSA:2016-308-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'curl' package(s) announced via the SSA:2016-308-01 advisory. Vulnerability Insight: New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/curl-7.51.0-i586-1_slack14.2.txz: Upgraded. This release fixes security issues: CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'curl' package(s) on Slackware 13.0, Slackware 13.1, Slackware 13.37, Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8615 BugTraq ID: 94096 http://www.securityfocus.com/bid/94096 https://security.gentoo.org/glsa/201701-47 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E RedHat Security Advisories: RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486 RedHat Security Advisories: RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2018:3558 http://www.securitytracker.com/id/1037192 Common Vulnerability Exposure (CVE) ID: CVE-2016-8616 BugTraq ID: 94094 http://www.securityfocus.com/bid/94094 Common Vulnerability Exposure (CVE) ID: CVE-2016-8617 BugTraq ID: 94097 http://www.securityfocus.com/bid/94097 Common Vulnerability Exposure (CVE) ID: CVE-2016-8618 BugTraq ID: 94098 http://www.securityfocus.com/bid/94098 Common Vulnerability Exposure (CVE) ID: CVE-2016-8619 BugTraq ID: 94100 http://www.securityfocus.com/bid/94100 Common Vulnerability Exposure (CVE) ID: CVE-2016-8620 BugTraq ID: 94102 http://www.securityfocus.com/bid/94102 Common Vulnerability Exposure (CVE) ID: CVE-2016-8621 BugTraq ID: 94101 http://www.securityfocus.com/bid/94101 Common Vulnerability Exposure (CVE) ID: CVE-2016-8622 BugTraq ID: 94105 http://www.securityfocus.com/bid/94105 Common Vulnerability Exposure (CVE) ID: CVE-2016-8623 BugTraq ID: 94106 http://www.securityfocus.com/bid/94106 Common Vulnerability Exposure (CVE) ID: CVE-2016-8624 BugTraq ID: 94103 http://www.securityfocus.com/bid/94103 https://curl.haxx.se/docs/adv_20161102J.html https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5@%3Ccommits.pulsar.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2016-8625 BugTraq ID: 94107 http://www.securityfocus.com/bid/94107
Copyright	Copyright (C) 2022 Greenbone AG