Amazon Linux AMI : curl (ALAS-2014-295)
Medium Nessus Plugin ID 72751
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptioncURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
SolutionRun 'yum update curl' to update your system.