ID de Prueba:	1.3.6.1.4.1.25623.1.0.891294
Categoría:	Debian Local Security Checks
Título:	Debian LTS: Security Advisory for golang (DLA-1294-1)
Resumen:	It was discovered that there was an arbitrary command execution;vulnerability in the Go programming language.;;The 'go get' implementation did not correctly validate 'import path';statements for '://' which allowed remote attackers to execute arbitrary;OS commands via a crafted web site.
Descripción:	Summary: It was discovered that there was an arbitrary command execution vulnerability in the Go programming language. The 'go get' implementation did not correctly validate 'import path' statements for '://' which allowed remote attackers to execute arbitrary OS commands via a crafted web site. Affected Software/OS: golang on Debian Linux Solution: For Debian 7 'Wheezy', this issue has been fixed in golang version 2:1.0.2-1.1+deb7u3. We recommend that you upgrade your golang packages. The Debian LTS team would like to thank Abhijith PA for preparing this update. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-7187 Debian Security Information: DSA-4379 (Google Search) https://www.debian.org/security/2019/dsa-4379 Debian Security Information: DSA-4380 (Google Search) https://www.debian.org/security/2019/dsa-4380 https://security.gentoo.org/glsa/201804-12 https://gist.github.com/SLAYEROWNER/b2a358f13ab267f2e9543bb9f9320ffc https://lists.debian.org/debian-lts-announce/2018/02/msg00029.html
Copyright	Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.