Test ID:	1.3.6.1.4.1.25623.1.0.122508
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2009-0341)
Summary:	The remote host is missing an update for the 'curl' package(s) announced via the ELSA-2009-0341 advisory.
Description:	Summary: The remote host is missing an update for the 'curl' package(s) announced via the ELSA-2009-0341 advisory. Vulnerability Insight: [7.15.5-2.1.el5_3.4] - another correction of the patch for CVE-2009-0037 [7.15.5-2.1.el5_3.3] - forwardport one hunk from upstream curl-7.15.1 Related: #485290 [7.15.5-2.1.el5_3.2] - fix hunk applied to wrong place due to nonzero patch fuzz Related: #485289 [7.15.5-2.1.el5_3.1] - fix CVE-2009-0037 Resolves: #485289 Affected Software/OS: 'curl' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0037 1021783 http://www.securitytracker.com/id?1021783 20090312 rPSA-2009-0042-1 curl http://www.securityfocus.com/archive/1/501757/100/0/threaded 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl http://www.securityfocus.com/archive/1/504849/100/0/threaded 33962 http://www.securityfocus.com/bid/33962 34138 http://secunia.com/advisories/34138 34202 http://secunia.com/advisories/34202 34237 http://secunia.com/advisories/34237 34251 http://secunia.com/advisories/34251 34255 http://secunia.com/advisories/34255 34259 http://secunia.com/advisories/34259 34399 http://secunia.com/advisories/34399 35766 http://secunia.com/advisories/35766 ADV-2009-0581 http://www.vupen.com/english/advisories/2009/0581 ADV-2009-1865 http://www.vupen.com/english/advisories/2009/1865 APPLE-SA-2010-03-29-1 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html DSA-1738 http://www.debian.org/security/2009/dsa-1738 GLSA-200903-21 http://security.gentoo.org/glsa/glsa-200903-21.xml RHSA-2009:0341 http://www.redhat.com/support/errata/RHSA-2009-0341.html SSA:2009-069-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602 SUSE-SR:2009:006 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html USN-726-1 http://www.ubuntu.com/usn/USN-726-1 [Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl http://lists.vmware.com/pipermail/security-announce/2009/000060.html curl-location-security-bypass(49030) https://exchange.xforce.ibmcloud.com/vulnerabilities/49030 http://curl.haxx.se/docs/adv_20090303.html http://curl.haxx.se/lxr/source/CHANGES http://support.apple.com/kb/HT4077 http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042 http://www.vmware.com/security/advisories/VMSA-2009-0009.html http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/ http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf oval:org.mitre.oval:def:11054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11054 oval:org.mitre.oval:def:6074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6074
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.