Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2018-0054)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2018.0054

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2018-0054)

Resumen: The remote host is missing an update for the 'curl' package(s) announced via the MGASA-2018-0054 advisory.

Descripción: Summary:
The remote host is missing an update for the 'curl' package(s) announced via the MGASA-2018-0054 advisory.

Vulnerability Insight:
libcurl contains a buffer overrun flaw in the NTLM authentication code
(CVE-2017-8816).

libcurl contains a read out of bounds flaw in the FTP wildcard function
(CVE-2017-8817).

libcurl may read outside of a heap allocated buffer when doing FTP
(CVE-2017-1000254).

libcurl contains a buffer overrun flaw in the IMAP handler
(CVE-2017-1000257).

Affected Software/OS:
'curl' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-1000254
BugTraq ID: 101115
http://www.securityfocus.com/bid/101115
Debian Security Information: DSA-3992 (Google Search)
http://www.debian.org/security/2017/dsa-3992
https://security.gentoo.org/glsa/201712-04
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
RedHat Security Advisories: RHSA-2018:2486
https://access.redhat.com/errata/RHSA-2018:2486
RedHat Security Advisories: RHSA-2018:3558
https://access.redhat.com/errata/RHSA-2018:3558
http://www.securitytracker.com/id/1039509
Common Vulnerability Exposure (CVE) ID: CVE-2017-1000257
BugTraq ID: 101519
http://www.securityfocus.com/bid/101519
Debian Security Information: DSA-4007 (Google Search)
http://www.debian.org/security/2017/dsa-4007
RedHat Security Advisories: RHSA-2017:3263
https://access.redhat.com/errata/RHSA-2017:3263
http://www.securitytracker.com/id/1039644
Common Vulnerability Exposure (CVE) ID: CVE-2017-8816
BugTraq ID: 101998
http://www.securityfocus.com/bid/101998
Debian Security Information: DSA-4051 (Google Search)
https://www.debian.org/security/2017/dsa-4051
http://www.securitytracker.com/id/1039896
http://www.securitytracker.com/id/1040608
Common Vulnerability Exposure (CVE) ID: CVE-2017-8817
BugTraq ID: 102057
http://www.securityfocus.com/bid/102057
https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html
http://www.securitytracker.com/id/1039897

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0054
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0054)
Resumen:	The remote host is missing an update for the 'curl' package(s) announced via the MGASA-2018-0054 advisory.
Descripción:	Summary: The remote host is missing an update for the 'curl' package(s) announced via the MGASA-2018-0054 advisory. Vulnerability Insight: libcurl contains a buffer overrun flaw in the NTLM authentication code (CVE-2017-8816). libcurl contains a read out of bounds flaw in the FTP wildcard function (CVE-2017-8817). libcurl may read outside of a heap allocated buffer when doing FTP (CVE-2017-1000254). libcurl contains a buffer overrun flaw in the IMAP handler (CVE-2017-1000257). Affected Software/OS: 'curl' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-1000254 BugTraq ID: 101115 http://www.securityfocus.com/bid/101115 Debian Security Information: DSA-3992 (Google Search) http://www.debian.org/security/2017/dsa-3992 https://security.gentoo.org/glsa/201712-04 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E RedHat Security Advisories: RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486 RedHat Security Advisories: RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2018:3558 http://www.securitytracker.com/id/1039509 Common Vulnerability Exposure (CVE) ID: CVE-2017-1000257 BugTraq ID: 101519 http://www.securityfocus.com/bid/101519 Debian Security Information: DSA-4007 (Google Search) http://www.debian.org/security/2017/dsa-4007 RedHat Security Advisories: RHSA-2017:3263 https://access.redhat.com/errata/RHSA-2017:3263 http://www.securitytracker.com/id/1039644 Common Vulnerability Exposure (CVE) ID: CVE-2017-8816 BugTraq ID: 101998 http://www.securityfocus.com/bid/101998 Debian Security Information: DSA-4051 (Google Search) https://www.debian.org/security/2017/dsa-4051 http://www.securitytracker.com/id/1039896 http://www.securitytracker.com/id/1040608 Common Vulnerability Exposure (CVE) ID: CVE-2017-8817 BugTraq ID: 102057 http://www.securityfocus.com/bid/102057 https://lists.debian.org/debian-lts-announce/2017/11/msg00040.html http://www.securitytracker.com/id/1039897
Copyright	Copyright (C) 2022 Greenbone AG