Amazon Linux AMI : curl (ALAS-2013-210)
Medium Nessus Plugin ID 69768
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionThe tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
SolutionRun 'yum update curl' to update your system.