Ubuntu Update For Curl USN-2399-1 Network Vulnerability

Summary

Check the version of curl

Solution

Please Install the Updated Packages.

Insight

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server.

Affected

curl on Ubuntu 14.10 , Ubuntu 14.04 LTS , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Detection

Get the installed version with the help of detect NVT and check if the version is vulnerable or not.

Severity

Classification

CVE CVE-2014-3707
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for bind9 USN-1139-1
Ubuntu Update for dovecot USN-1295-1
Ubuntu Update for cups, cupsys vulnerabilities USN-906-1
Ubuntu Update for apt USN-1169-1
Ubuntu Update for cpio USN-2456-1

Ubuntu Update for curl USN-2399-1

Take action and discover your vulnerabilities