Test ID:	1.3.6.1.4.1.25623.1.0.71076
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1346-1 (libcurl3)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libcurl3 announced via advisory USN-1346-1. Details: Dan Fandrich discovered that curl incorrectly handled URLs containing embedded or percent-encoded control characters. If a user or automated system were tricked into processing a specially crafted URL, arbitrary data could be injected. Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libcurl3 7.21.6-3ubuntu3.2 libcurl3-gnutls 7.21.6-3ubuntu3.2 libcurl3-nss 7.21.6-3ubuntu3.2 Ubuntu 11.04: libcurl3 7.21.3-1ubuntu1.5 libcurl3-gnutls 7.21.3-1ubuntu1.5 libcurl3-nss 7.21.3-1ubuntu1.5 Ubuntu 10.10: libcurl3 7.21.0-1ubuntu1.3 libcurl3-gnutls 7.21.0-1ubuntu1.3 http://www.securityspace.com/smysecure/catid.html?in=USN-1346-1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0036 1032924 http://www.securitytracker.com/id/1032924 48256 http://secunia.com/advisories/48256 51665 http://www.securityfocus.com/bid/51665 APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html DSA-2398 http://www.debian.org/security/2012/dsa-2398 GLSA-201203-02 http://security.gentoo.org/glsa/glsa-201203-02.xml HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 MDVSA-2012:058 http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 SSRT100877 http://curl.haxx.se/curl-url-sanitize.patch http://curl.haxx.se/docs/adv_20120124.html http://support.apple.com/kb/HT5281 http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html https://bugzilla.redhat.com/show_bug.cgi?id=773457 https://github.com/bagder/curl/commit/75ca568fa1c19de4c5358fed246686de8467c238 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03760en_us
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.