Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.106069
Categoría:JunOS Local Security Checks
Título:Junos Multiple cURL and libcurl Vulnerabilities
Resumen:Junos OS is prone to multiple vulnerabilities in;cURL and libcurl.
Descripción:Summary:
Junos OS is prone to multiple vulnerabilities in
cURL and libcurl.

Vulnerability Insight:
Multiple vulnerabilities in Junos OS have been
resolved by updating cURL and libcurl library. These are used to support downloading
updates or importing data into a Junos device.

Libcurl and cURL were upgraded from 7.36.0 to 7.42.1

Vulnerability Impact:
The vulnerabilities range from denial of service attacks
until information disclosure. Please check the according CVE resources for more details.

Affected Software/OS:
Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1

Solution:
New builds of Junos OS software are available from Juniper.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-3144
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
BugTraq ID: 74300
http://www.securityfocus.com/bid/74300
Debian Security Information: DSA-3232 (Google Search)
http://www.debian.org/security/2015/dsa-3232
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html
https://security.gentoo.org/glsa/201509-02
http://www.securitytracker.com/id/1032232
SuSE Security Announcement: openSUSE-SU-2015:0799 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html
http://www.ubuntu.com/usn/USN-2591-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-3145
BugTraq ID: 74303
http://www.securityfocus.com/bid/74303
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:219
Common Vulnerability Exposure (CVE) ID: CVE-2014-8151
https://security.gentoo.org/glsa/201701-47
http://secunia.com/advisories/61925
Common Vulnerability Exposure (CVE) ID: CVE-2014-3613
BugTraq ID: 69748
http://www.securityfocus.com/bid/69748
Debian Security Information: DSA-3022 (Google Search)
http://www.debian.org/security/2014/dsa-3022
RedHat Security Advisories: RHSA-2015:1254
http://rhn.redhat.com/errata/RHSA-2015-1254.html
SuSE Security Announcement: openSUSE-SU-2014:1139 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3620
BugTraq ID: 69742
http://www.securityfocus.com/bid/69742
Common Vulnerability Exposure (CVE) ID: CVE-2015-3143
BugTraq ID: 74299
http://www.securityfocus.com/bid/74299
HPdes Security Advisory: HPSBHF03544
http://marc.info/?l=bugtraq&m=145612005512270&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2015:220
Common Vulnerability Exposure (CVE) ID: CVE-2015-3148
BugTraq ID: 74301
http://www.securityfocus.com/bid/74301
Common Vulnerability Exposure (CVE) ID: CVE-2015-3153
BugTraq ID: 74408
http://www.securityfocus.com/bid/74408
Debian Security Information: DSA-3240 (Google Search)
http://www.debian.org/security/2015/dsa-3240
http://www.securitytracker.com/id/1032233
SuSE Security Announcement: openSUSE-SU-2015:0861 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-05/msg00017.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3707
BugTraq ID: 70988
http://www.securityfocus.com/bid/70988
Debian Security Information: DSA-3069 (Google Search)
http://www.debian.org/security/2014/dsa-3069
SuSE Security Announcement: openSUSE-SU-2015:0248 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-02/msg00040.html
http://www.ubuntu.com/usn/USN-2399-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-8150
BugTraq ID: 71964
http://www.securityfocus.com/bid/71964
Debian Security Information: DSA-3122 (Google Search)
http://www.debian.org/security/2015/dsa-3122
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:021
http://www.securitytracker.com/id/1032768
http://secunia.com/advisories/62075
http://secunia.com/advisories/62361
http://www.ubuntu.com/usn/USN-2474-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-0015
http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html
BugTraq ID: 65270
http://www.securityfocus.com/bid/65270
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Debian Security Information: DSA-2849 (Google Search)
http://www.debian.org/security/2014/dsa-2849
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128408.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127627.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.securitytracker.com/id/1029710
http://secunia.com/advisories/56728
http://secunia.com/advisories/56731
http://secunia.com/advisories/56734
http://secunia.com/advisories/56912
http://secunia.com/advisories/59458
http://secunia.com/advisories/59475
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.502652
SuSE Security Announcement: openSUSE-SU-2014:0274 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-02/msg00066.html
http://www.ubuntu.com/usn/USN-2097-1
CopyrightThis script is Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.