ID de Prueba:	1.3.6.1.4.1.25623.1.0.882804
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for curl CESA-2017:3263 centos7
Resumen:	Check the version of curl
Descripción:	Summary: Check the version of curl Vulnerability Insight: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application. (CVE-2017-1000257) Red Hat would like to thank the Curl project for reporting this issue. Upstream acknowledges Brian Carpenter and the OSS-Fuzz project as the original reporters. Affected Software/OS: curl on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000257 BugTraq ID: 101519 http://www.securityfocus.com/bid/101519 Debian Security Information: DSA-4007 (Google Search) http://www.debian.org/security/2017/dsa-4007 https://security.gentoo.org/glsa/201712-04 RedHat Security Advisories: RHSA-2017:3263 https://access.redhat.com/errata/RHSA-2017:3263 RedHat Security Advisories: RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486 RedHat Security Advisories: RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2018:3558 http://www.securitytracker.com/id/1039644
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.