Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.841706
Category:Ubuntu Local Security Checks
Title:Ubuntu Update for curl USN-2097-1
Summary:The remote host is missing an update for the 'curl'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'curl'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Paras Sethia and Yehezkel Horowitz discovered that libcurl
incorrectly reused connections when NTLM authentication was being used. This
could lead to the use of unintended credentials, possibly exposing sensitive
information.

Affected Software/OS:
curl on Ubuntu 13.10,
Ubuntu 12.10,
Ubuntu 12.04 LTS,
Ubuntu 10.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0015
http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
BugTraq ID: 65270
http://www.securityfocus.com/bid/65270
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Debian Security Information: DSA-2849 (Google Search)
http://www.debian.org/security/2014/dsa-2849
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.securitytracker.com/id/1029710
http://secunia.com/advisories/56728
http://secunia.com/advisories/56731
http://secunia.com/advisories/56734
http://secunia.com/advisories/56912
http://secunia.com/advisories/59458
http://secunia.com/advisories/59475
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652
SuSE Security Announcement: openSUSE-SU-2014:0274 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html
http://www.ubuntu.com/usn/USN-2097-1
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.