ID de Prueba:	1.3.6.1.4.1.25623.1.0.120511
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2015-588)
Resumen:	The remote host is missing an update for the 'golang, docker' package(s) announced via the ALAS-2015-588 advisory.
Descripción:	Summary: The remote host is missing an update for the 'golang, docker' package(s) announced via the ALAS-2015-588 advisory. Vulnerability Insight: As discussed upstream -- here and here -- the Go project received notification of an HTTP request smuggling vulnerability in the net/http library. Invalid headers are parsed as valid headers (like 'Content Length:' with a space in the middle) and Double Content-length headers in a request does not generate a 400 error, the second Content-length is ignored. Affected Software/OS: 'golang, docker' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5739 BugTraq ID: 76281 http://www.securityfocus.com/bid/76281 http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168029.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html http://seclists.org/oss-sec/2015/q3/237 http://seclists.org/oss-sec/2015/q3/292 http://seclists.org/oss-sec/2015/q3/294 RedHat Security Advisories: RHSA-2016:1538 http://rhn.redhat.com/errata/RHSA-2016-1538.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5740 Common Vulnerability Exposure (CVE) ID: CVE-2015-5741 https://bugzilla.redhat.com/show_bug.cgi?id=1250352 https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.