Test Kennung:	1.3.6.1.4.1.25623.1.0.844016
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for python-urllib3 USN-3990-1
Zusammenfassung:	The remote host is missing an update for the 'python-urllib3'; package(s) announced via the USN-3990-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'python-urllib3' package(s) announced via the USN-3990-1 advisory. Vulnerability Insight: It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20060) It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-11236) It was discovered that urllib3 incorrectly handled situations where a desired set of CA certificates were specified. This could result in certificates being accepted by the default CA certificates contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-11324) Affected Software/OS: 'python-urllib3' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-20060 Common Vulnerability Exposure (CVE) ID: CVE-2019-11236 Common Vulnerability Exposure (CVE) ID: CVE-2019-11324
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.