ID de Prueba:	1.3.6.1.4.1.25623.1.0.71186
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201203-02 (cURL)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201203-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201203-02. Vulnerability Insight: Multiple vulnerabilities have been found in cURL, the worst of which might allow remote execution of arbitrary code. Solution: All cURL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/curl-7.24.0' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0734 20101027 rPSA-2010-0072-1 curl http://www.securityfocus.com/archive/1/514490/100/0/threaded 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 38843 http://secunia.com/advisories/38843 38981 http://secunia.com/advisories/38981 39087 http://secunia.com/advisories/39087 39734 http://secunia.com/advisories/39734 40220 http://secunia.com/advisories/40220 45047 http://secunia.com/advisories/45047 48256 http://secunia.com/advisories/48256 ADV-2010-0571 http://www.vupen.com/english/advisories/2010/0571 ADV-2010-0602 http://www.vupen.com/english/advisories/2010/0602 ADV-2010-0660 http://www.vupen.com/english/advisories/2010/0660 ADV-2010-0725 http://www.vupen.com/english/advisories/2010/0725 ADV-2010-1481 http://www.vupen.com/english/advisories/2010/1481 APPLE-SA-2010-06-15-1 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html DSA-2023 http://www.debian.org/security/2010/dsa-2023 FEDORA-2010-2720 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037143.html FEDORA-2010-2762 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036744.html GLSA-201203-02 http://security.gentoo.org/glsa/glsa-201203-02.xml MDVSA-2010:062 http://www.mandriva.com/security/advisories?name=MDVSA-2010:062 RHSA-2010:0329 http://www.redhat.com/support/errata/RHSA-2010-0329.html USN-1158-1 http://www.ubuntu.com/usn/USN-1158-1 [oss-security] 20100209 CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/02/09/5 [oss-security] 20100309 Re: CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/03/09/1 [oss-security] 20100316 Re: CVE Request -- cURL/libCURL 7.20.0 http://www.openwall.com/lists/oss-security/2010/03/16/11 http://curl.haxx.se/docs/adv_20100209.html http://curl.haxx.se/docs/security.html#20100209 http://curl.haxx.se/libcurl-contentencoding.patch http://support.apple.com/kb/HT4188 http://support.avaya.com/css/P8/documents/100081819 http://wiki.rpath.com/Advisories:rPSA-2010-0072 http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://bugzilla.redhat.com/show_bug.cgi?id=563220 oval:org.mitre.oval:def:10760 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10760 oval:org.mitre.oval:def:6756 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6756 Common Vulnerability Exposure (CVE) ID: CVE-2011-2192 1025713 http://www.securitytracker.com/id?1025713 45067 http://secunia.com/advisories/45067 45088 http://secunia.com/advisories/45088 45144 http://secunia.com/advisories/45144 45181 http://secunia.com/advisories/45181 APPLE-SA-2012-02-01-1 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html DSA-2271 http://www.debian.org/security/2011/dsa-2271 FEDORA-2011-8586 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061992.html FEDORA-2011-8640 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062287.html MDVSA-2011:116 http://www.mandriva.com/security/advisories?name=MDVSA-2011:116 RHSA-2011:0918 http://www.redhat.com/support/errata/RHSA-2011-0918.html http://curl.haxx.se/curl-gssapi-delegation.patch http://curl.haxx.se/docs/adv_20110623.html http://support.apple.com/kb/HT5130 https://bugzilla.redhat.com/show_bug.cgi?id=711454 Common Vulnerability Exposure (CVE) ID: CVE-2011-3389 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html BugTraq ID: 49388 http://www.securityfocus.com/bid/49388 BugTraq ID: 49778 http://www.securityfocus.com/bid/49778 Cert/CC Advisory: TA12-010A http://www.us-cert.gov/cas/techalerts/TA12-010A.html CERT/CC vulnerability note: VU#864643 http://www.kb.cert.org/vuls/id/864643 Debian Security Information: DSA-2398 (Google Search) http://www.debian.org/security/2012/dsa-2398 http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBMU02742 http://marc.info/?l=bugtraq&m=132872385320240&w=2 HPdes Security Advisory: HPSBMU02797 http://marc.info/?l=bugtraq&m=134254957702612&w=2 HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBMU02900 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 HPdes Security Advisory: HPSBUX02730 http://marc.info/?l=bugtraq&m=132750579901589&w=2 HPdes Security Advisory: HPSBUX02760 http://marc.info/?l=bugtraq&m=133365109612558&w=2 HPdes Security Advisory: HPSBUX02777 http://marc.info/?l=bugtraq&m=133728004526190&w=2 HPdes Security Advisory: SSRT100710 HPdes Security Advisory: SSRT100740 HPdes Security Advisory: SSRT100805 HPdes Security Advisory: SSRT100854 HPdes Security Advisory: SSRT100867 http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 http://ekoparty.org/2011/juliano-rizzo.php http://eprint.iacr.org/2004/111 http://eprint.iacr.org/2006/136 http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 http://vnhacker.blogspot.com/2011/09/beast.html http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html http://www.insecure.cl/Beast-SSL.rar https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 Microsoft Security Bulletin: MS12-006 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 http://osvdb.org/74829 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.redhat.com/support/errata/RHSA-2012-0006.html RedHat Security Advisories: RHSA-2012:0508 http://rhn.redhat.com/errata/RHSA-2012-0508.html RedHat Security Advisories: RHSA-2013:1455 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://www.securitytracker.com/id?1025997 http://www.securitytracker.com/id?1026103 http://www.securitytracker.com/id?1026704 http://www.securitytracker.com/id/1029190 http://secunia.com/advisories/45791 http://secunia.com/advisories/47998 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/49198 http://secunia.com/advisories/55322 http://secunia.com/advisories/55350 http://secunia.com/advisories/55351 SuSE Security Announcement: SUSE-SU-2012:0114 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html SuSE Security Announcement: SUSE-SU-2012:0122 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html SuSE Security Announcement: SUSE-SU-2012:0602 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html SuSE Security Announcement: openSUSE-SU-2012:0030 (Google Search) https://hermes.opensuse.org/messages/13154861 SuSE Security Announcement: openSUSE-SU-2012:0063 (Google Search) https://hermes.opensuse.org/messages/13155432 SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.ubuntu.com/usn/USN-1263-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-0036 1032924 http://www.securitytracker.com/id/1032924 51665 http://www.securityfocus.com/bid/51665 APPLE-SA-2012-05-09-1 DSA-2398 HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 MDVSA-2012:058 SSRT100877 http://curl.haxx.se/curl-url-sanitize.patch http://curl.haxx.se/docs/adv_20120124.html http://support.apple.com/kb/HT5281 http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html https://bugzilla.redhat.com/show_bug.cgi?id=773457 https://github.com/bagder/curl/commit/75ca568fa1c19de4c5358fed246686de8467c238 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03760en_us
Copyright	Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.