首页 > 其他分享> > Haxx curl 远程安全漏洞(CVE-2016-8619)

Haxx curl 远程安全漏洞(CVE-2016-8619)

2019-05-23 17:42:20 作者：互联网

漏洞描述 Haxx curl是瑞典Haxx公司的一套利用URL语法在命令行下工作的文件传输工具，该工具支持文件上传和下载，并包含一个用于程序开发的libcurl（客户端URL传输库）。Haxx curl 7.3至7.50.3版本中存在远程安全漏洞。攻击者可利用该漏洞执行未授权操作。解决方法以下是各Linux/Unix发行版系统针对此漏洞发布的安全公告，可以参考对应系统的安全公告修复该漏洞:Ubuntu----------------USN-3123-1: [USN-3123-1] curl vulnerabilities链接: https://www.ubuntu.com/usn/usn-3123-1Red Hat Enterprise Linux----------------链接: https://access.redhat.com/security/cve/CVE-2016-8619Gentoo----------------GLSA-201701-47: cURL: Multiple vulnerabilities链接: https://security.gentoo.org/glsa/201701-47FreeBSD----------------765feb7d-a0d1-11e6-a881-b499baebfeaf: cURL -- multiple vulnerabilities链接: http://vuxml.freebsd.org/freebsd/765feb7d-a0d1-11e6-a881-b499baebfeaf.htmlSlackware----------------SSA:2016-308-01: [slackware-security] curl (SSA:2016-308-01)链接: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.661139openSUSE----------------openSUSE-SU-2016:2768-1: openSUSE Security Update: Security update for curl链接: https://lists.opensuse.org/opensuse-security-announce/2016-11/msg00020.htmlSUSE----------------链接: https://www.suse.com/security/cve/CVE-2016-8619/Fedora----------------FEDORA-2016-89769648a0: Fedora 25 Update: curl-7.51.0-1.fc25链接: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4JYTXIUQEYYWVLG2WJOE6FOVWRSPOQBM/FEDORA-2016-e8e8cdb4ed: Fedora 24 Update: curl-7.47.1-9.fc24链接: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/S35RRQRUQKGWNDB4PRIQM7ZAHJXEDFCQ/Arch Linux----------------ASA-201611-10: [arch-security] [ASA-201611-10] lib32-libcurl-gnutls: multiple issues链接: https://security.archlinux.org/ASA-201611-10ASA-201611-9: [arch-security] [ASA-201611-9] libcurl-gnutls: multiple issues链接: https://security.archlinux.org/ASA-201611-9ASA-201611-8: [arch-security] [ASA-201611-8] libcurl-compat: multiple issues链接: https://security.archlinux.org/ASA-201611-8ASA-201611-7: [arch-security] [ASA-201611-7] curl: multiple issues链接: https://security.archlinux.org/ASA-201611-7ASA-201611-5: [arch-security] [ASA-201611-5] lib32-libcurl-compat: multiple issues链接: https://security.archlinux.org/ASA-201611-5ASA-201611-4: [arch-security] [ASA-201611-4] lib32-curl: multiple issues链接: https://security.archlinux.org/ASA-201611-4Debian----------------DSA-3705: DSA-3705-1 curl -- security update链接: https://www.debian.org/security/2016/dsa-3705EulerOS----------------链接: http://developer.huawei.com/ict/cn/site-euleros/euleros/cve/CVE-2016-8619

标签：Haxx,链接,ASA,201611,https,org,curl,CVE,security
来源： https://www.cnblogs.com/mrhonest/p/10913319.html