Test ID:	1.3.6.1.4.1.25623.1.0.106069
Category:	JunOS Local Security Checks
Title:	Juniper Networks Junos OS Multiple cURL and libcurl Vulnerabilities
Summary:	Junos OS is prone to multiple vulnerabilities in;cURL and libcurl.
Description:	Summary: Junos OS is prone to multiple vulnerabilities in cURL and libcurl. Vulnerability Insight: Multiple vulnerabilities in Junos OS have been resolved by updating cURL and libcurl library. These are used to support downloading updates or importing data into a Junos device. Libcurl and cURL were upgraded from 7.36.0 to 7.42.1 Vulnerability Impact: The vulnerabilities range from denial of service attacks until information disclosure. Please check the according CVE resources for more details. Affected Software/OS: Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1 Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3144 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 74300 http://www.securityfocus.com/bid/74300 Debian Security Information: DSA-3232 (Google Search) http://www.debian.org/security/2015/dsa-3232 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html https://security.gentoo.org/glsa/201509-02 http://www.securitytracker.com/id/1032232 SuSE Security Announcement: openSUSE-SU-2015:0799 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html http://www.ubuntu.com/usn/USN-2591-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3145 BugTraq ID: 74303 http://www.securityfocus.com/bid/74303 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:219 Common Vulnerability Exposure (CVE) ID: CVE-2014-8151 https://security.gentoo.org/glsa/201701-47 http://secunia.com/advisories/61925 Common Vulnerability Exposure (CVE) ID: CVE-2014-3613 BugTraq ID: 69748 http://www.securityfocus.com/bid/69748 Debian Security Information: DSA-3022 (Google Search) http://www.debian.org/security/2014/dsa-3022 RedHat Security Advisories: RHSA-2015:1254 http://rhn.redhat.com/errata/RHSA-2015-1254.html SuSE Security Announcement: openSUSE-SU-2014:1139 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3620 BugTraq ID: 69742 http://www.securityfocus.com/bid/69742 http://www.openwall.com/lists/oss-security/2022/05/11/2 Common Vulnerability Exposure (CVE) ID: CVE-2015-3143 BugTraq ID: 74299 http://www.securityfocus.com/bid/74299 HPdes Security Advisory: HPSBHF03544 http://marc.info/?l=bugtraq&m=145612005512270&w=2 http://www.mandriva.com/security/advisories?name=MDVSA-2015:220 Common Vulnerability Exposure (CVE) ID: CVE-2015-3148 BugTraq ID: 74301 http://www.securityfocus.com/bid/74301 Common Vulnerability Exposure (CVE) ID: CVE-2015-3153 BugTraq ID: 74408 http://www.securityfocus.com/bid/74408 Debian Security Information: DSA-3240 (Google Search) http://www.debian.org/security/2015/dsa-3240 http://www.securitytracker.com/id/1032233 SuSE Security Announcement: openSUSE-SU-2015:0861 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3707 BugTraq ID: 70988 http://www.securityfocus.com/bid/70988 Debian Security Information: DSA-3069 (Google Search) http://www.debian.org/security/2014/dsa-3069 SuSE Security Announcement: openSUSE-SU-2015:0248 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html http://www.ubuntu.com/usn/USN-2399-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-8150 BugTraq ID: 71964 http://www.securityfocus.com/bid/71964 Debian Security Information: DSA-3122 (Google Search) http://www.debian.org/security/2015/dsa-3122 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:021 http://www.securitytracker.com/id/1032768 http://secunia.com/advisories/62075 http://secunia.com/advisories/62361 http://www.ubuntu.com/usn/USN-2474-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-0015 http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html BugTraq ID: 65270 http://www.securityfocus.com/bid/65270 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-2849 (Google Search) http://www.debian.org/security/2014/dsa-2849 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html http://seclists.org/fulldisclosure/2014/Dec/23 http://www.securitytracker.com/id/1029710 http://secunia.com/advisories/56728 http://secunia.com/advisories/56731 http://secunia.com/advisories/56734 http://secunia.com/advisories/56912 http://secunia.com/advisories/59458 http://secunia.com/advisories/59475 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652 SuSE Security Announcement: openSUSE-SU-2014:0274 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html http://www.ubuntu.com/usn/USN-2097-1
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.