ID de Prueba:	1.3.6.1.4.1.25623.1.0.106069
Categoría:	JunOS Local Security Checks
Título:	Junos Multiple cURL and libcurl Vulnerabilities
Resumen:	Junos OS is prone to multiple vulnerabilities in;cURL and libcurl.
Descripción:	Summary: Junos OS is prone to multiple vulnerabilities in cURL and libcurl. Vulnerability Insight: Multiple vulnerabilities in Junos OS have been resolved by updating cURL and libcurl library. These are used to support downloading updates or importing data into a Junos device. Libcurl and cURL were upgraded from 7.36.0 to 7.42.1 Vulnerability Impact: The vulnerabilities range from denial of service attacks until information disclosure. Please check the according CVE resources for more details. Affected Software/OS: Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1 Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3144 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 74300 http://www.securityfocus.com/bid/74300 Debian Security Information: DSA-3232 (Google Search) http://www.debian.org/security/2015/dsa-3232 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html https://security.gentoo.org/glsa/201509-02 http://www.securitytracker.com/id/1032232 SuSE Security Announcement: openSUSE-SU-2015:0799 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html http://www.ubuntu.com/usn/USN-2591-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3145 BugTraq ID: 74303 http://www.securityfocus.com/bid/74303 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:219 Common Vulnerability Exposure (CVE) ID: CVE-2014-8151 https://security.gentoo.org/glsa/201701-47 http://secunia.com/advisories/61925 Common Vulnerability Exposure (CVE) ID: CVE-2014-3613 BugTraq ID: 69748 http://www.securityfocus.com/bid/69748 Debian Security Information: DSA-3022 (Google Search) http://www.debian.org/security/2014/dsa-3022 RedHat Security Advisories: RHSA-2015:1254 http://rhn.redhat.com/errata/RHSA-2015-1254.html SuSE Security Announcement: openSUSE-SU-2014:1139 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3620 BugTraq ID: 69742 http://www.securityfocus.com/bid/69742 Common Vulnerability Exposure (CVE) ID: CVE-2015-3143 BugTraq ID: 74299 http://www.securityfocus.com/bid/74299 HPdes Security Advisory: HPSBHF03544 http://marc.info/?l=bugtraq&m=145612005512270&w=2 http://www.mandriva.com/security/advisories?name=MDVSA-2015:220 Common Vulnerability Exposure (CVE) ID: CVE-2015-3148 BugTraq ID: 74301 http://www.securityfocus.com/bid/74301 Common Vulnerability Exposure (CVE) ID: CVE-2015-3153 BugTraq ID: 74408 http://www.securityfocus.com/bid/74408 Debian Security Information: DSA-3240 (Google Search) http://www.debian.org/security/2015/dsa-3240 http://www.securitytracker.com/id/1032233 SuSE Security Announcement: openSUSE-SU-2015:0861 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3707 BugTraq ID: 70988 http://www.securityfocus.com/bid/70988 Debian Security Information: DSA-3069 (Google Search) http://www.debian.org/security/2014/dsa-3069 SuSE Security Announcement: openSUSE-SU-2015:0248 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html http://www.ubuntu.com/usn/USN-2399-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-8150 BugTraq ID: 71964 http://www.securityfocus.com/bid/71964 Debian Security Information: DSA-3122 (Google Search) http://www.debian.org/security/2015/dsa-3122 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:021 http://www.securitytracker.com/id/1032768 http://secunia.com/advisories/62075 http://secunia.com/advisories/62361 http://www.ubuntu.com/usn/USN-2474-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-0015 http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html BugTraq ID: 65270 http://www.securityfocus.com/bid/65270 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-2849 (Google Search) http://www.debian.org/security/2014/dsa-2849 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html http://seclists.org/fulldisclosure/2014/Dec/23 http://www.securitytracker.com/id/1029710 http://secunia.com/advisories/56728 http://secunia.com/advisories/56731 http://secunia.com/advisories/56734 http://secunia.com/advisories/56912 http://secunia.com/advisories/59458 http://secunia.com/advisories/59475 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652 SuSE Security Announcement: openSUSE-SU-2014:0274 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html http://www.ubuntu.com/usn/USN-2097-1
Copyright	This script is Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.