Test Kennung:	1.3.6.1.4.1.25623.1.0.891749
Kategorie:	Debian Local Security Checks
Titel:	Debian LTS: Security Advisory for golang (DLA-1749-1)
Zusammenfassung:	The remote host is missing an update for the 'golang'; package(s) announced via the DLA-1749-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'golang' package(s) announced via the DLA-1749-1 advisory. Vulnerability Insight: It was discovered that there was a CRLF injection attack in the Go programming language runtime library. Passing \r\n to http.NewRequest could allow execution of arbitrary HTTP headers or Redis commands. Affected Software/OS: 'golang' package(s) on Debian Linux. Solution: For Debian 8 'Jessie', this issue has been fixed in golang version 2:1.3.3-1+deb8u2. We recommend that you upgrade your golang packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9741 BugTraq ID: 107432 http://www.securityfocus.com/bid/107432 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TOOVCEPQM7TZA6VEZEEB7QZABXNHQEHH/ https://github.com/golang/go/issues/30794 https://lists.debian.org/debian-lts-announce/2019/04/msg00007.html https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html https://lists.debian.org/debian-lts-announce/2021/03/msg00015.html RedHat Security Advisories: RHSA-2019:1300 https://access.redhat.com/errata/RHSA-2019:1300 RedHat Security Advisories: RHSA-2019:1519 https://access.redhat.com/errata/RHSA-2019:1519
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.