ID OPENVAS:1361412562310868827 Type openvas Reporter Copyright (C) 2015 Greenbone Networks GmbH Modified 2017-07-10T00:00:00
Description
Check the version of curl
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for curl FEDORA-2014-16690
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.868827");
script_version("$Revision: 6630 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2015-01-05 14:56:42 +0100 (Mon, 05 Jan 2015)");
script_cve_id("CVE-2014-3707", "CVE-2014-3613", "CVE-2014-3620", "CVE-2014-0138",
"CVE-2014-0015", "CVE-2013-2174");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_name("Fedora Update for curl FEDORA-2014-16690");
script_tag(name: "summary", value: "Check the version of curl");
script_tag(name: "vuldetect", value: "Get the installed version with the help of detect NVT and check if the version is vulnerable or not.");
script_tag(name: "insight", value: "curl is a command line tool for transferring data with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,
SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP
uploading, HTTP form based upload, proxies, cookies, user+password
authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer
resume, proxy tunneling and a busload of other useful tricks.
");
script_tag(name: "affected", value: "curl on Fedora 19");
script_tag(name: "solution", value: "Please Install the Updated Packages.");
script_xref(name: "FEDORA", value: "2014-16690");
script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC19")
{
if ((res = isrpmvuln(pkg:"curl", rpm:"curl~7.29.0~27.fc19", rls:"FC19")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:1361412562310868827", "bulletinFamily": "scanner", "title": "Fedora Update for curl FEDORA-2014-16690", "description": "Check the version of curl", "published": "2015-01-05T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868827", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2014-16690", "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html"], "cvelist": ["CVE-2014-3613", "CVE-2014-3707", "CVE-2014-0015", "CVE-2014-3620", "CVE-2013-2174", "CVE-2014-0138"], "type": "openvas", "lastseen": "2018-09-01T23:49:18", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3613", "CVE-2014-3707", "CVE-2014-0015", "CVE-2014-3620", "CVE-2013-2174", "CVE-2014-0138"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check the version of curl", "edition": 2, "enchantments": {}, "hash": "b4cd63cb189b08dfa37c072811478b125b5802159b78839c401de49cc2e95ce8", "hashmap": [{"hash": "1d6bb176eaa589528abf9244feeb2e67", "key": "cvelist"}, {"hash": "6a10b5cf9c07df1925e095e323a41493", "key": "sourceData"}, {"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "db5601f37dd8723d8d61ddd89dcf7d09", "key": "pluginID"}, {"hash": "e0f9f6bb48e08ba6af68fc7d31f7853f", "key": "modified"}, {"hash": "33519e4521461e6488d1f942bb749cb8", "key": "references"}, {"hash": "d18694dbd9e458558c5088e656a0f177", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "e3ec1875e0e4d64fa453d6a46b69e18d", "key": "description"}, {"hash": "1e898993712db5cf9f9a110102684025", "key": "reporter"}, {"hash": "a83ccfb6cd315748190980a0f1c4425a", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868827", "id": "OPENVAS:1361412562310868827", "lastseen": "2017-07-20T08:53:30", "modified": "2017-07-05T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310868827", "published": "2015-01-05T00:00:00", "references": ["2014-16690", "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html"], "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-16690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868827\");\n script_version(\"$Revision: 6534 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-05 11:58:29 +0200 (Wed, 05 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:56:42 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-16690\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-16690\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~27.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for curl FEDORA-2014-16690", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-20T08:53:30"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3613", "CVE-2014-3707", "CVE-2014-0015", "CVE-2014-3620", "CVE-2013-2174", "CVE-2014-0138"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Check the version of curl", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "64602c7fe5efe226da1f6ebe84523c94526a26a439a4cbff46121c659d509ecd", "hashmap": [{"hash": "1d6bb176eaa589528abf9244feeb2e67", "key": "cvelist"}, {"hash": "cca59a22228aefc3eb4ed47ace72ac84", "key": "sourceData"}, {"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "db5601f37dd8723d8d61ddd89dcf7d09", "key": "pluginID"}, {"hash": "33519e4521461e6488d1f942bb749cb8", "key": "references"}, {"hash": "d18694dbd9e458558c5088e656a0f177", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "e3ec1875e0e4d64fa453d6a46b69e18d", "key": "description"}, {"hash": "1e898993712db5cf9f9a110102684025", "key": "reporter"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}, {"hash": "a83ccfb6cd315748190980a0f1c4425a", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868827", "id": "OPENVAS:1361412562310868827", "lastseen": "2018-08-30T19:21:46", "modified": "2017-07-10T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310868827", "published": "2015-01-05T00:00:00", "references": ["2014-16690", "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html"], "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-16690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868827\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:56:42 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-16690\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-16690\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~27.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for curl FEDORA-2014-16690", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:21:46"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3613", "CVE-2014-3707", "CVE-2014-0015", "CVE-2014-3620", "CVE-2013-2174", "CVE-2014-0138"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check the version of curl", "edition": 1, "enchantments": {}, "hash": "985d1c12a1f6bdfd0996232bb6544221c8b4d18c82772063f7a00bfd4074ed19", "hashmap": [{"hash": "1d6bb176eaa589528abf9244feeb2e67", "key": "cvelist"}, {"hash": "c40b903ef912c1c773edb1cd7cf44e35", "key": "modified"}, {"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "db5601f37dd8723d8d61ddd89dcf7d09", "key": "pluginID"}, {"hash": "33519e4521461e6488d1f942bb749cb8", "key": "references"}, {"hash": "d18694dbd9e458558c5088e656a0f177", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "64135bbd6cceaa766e0e2432ef114a17", "key": "sourceData"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "e3ec1875e0e4d64fa453d6a46b69e18d", "key": "description"}, {"hash": "1e898993712db5cf9f9a110102684025", "key": "reporter"}, {"hash": "a83ccfb6cd315748190980a0f1c4425a", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868827", "id": "OPENVAS:1361412562310868827", "lastseen": "2017-07-02T21:12:35", "modified": "2016-05-18T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310868827", "published": "2015-01-05T00:00:00", "references": ["2014-16690", "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html"], "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-16690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868827\");\n script_version(\"$Revision: 3340 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-05-18 09:41:03 +0200 (Wed, 18 May 2016) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:56:42 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-16690\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-16690\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_summary(\"Check for the Version of curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~27.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for curl FEDORA-2014-16690", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:12:35"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2014-3613", "CVE-2014-3707", "CVE-2014-0015", "CVE-2014-3620", "CVE-2013-2174", "CVE-2014-0138"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check the version of curl", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "cefb6dad82e9237dff1df511f096d9078b1c9b3131bd7d508d70eed2b95e4196", "hashmap": [{"hash": "1d6bb176eaa589528abf9244feeb2e67", "key": "cvelist"}, {"hash": "cca59a22228aefc3eb4ed47ace72ac84", "key": "sourceData"}, {"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "db5601f37dd8723d8d61ddd89dcf7d09", "key": "pluginID"}, {"hash": "33519e4521461e6488d1f942bb749cb8", "key": "references"}, {"hash": "d18694dbd9e458558c5088e656a0f177", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "e3ec1875e0e4d64fa453d6a46b69e18d", "key": "description"}, {"hash": "1e898993712db5cf9f9a110102684025", "key": "reporter"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}, {"hash": "a83ccfb6cd315748190980a0f1c4425a", "key": "href"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868827", "id": "OPENVAS:1361412562310868827", "lastseen": "2017-07-25T10:53:53", "modified": "2017-07-10T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310868827", "published": "2015-01-05T00:00:00", "references": ["2014-16690", "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html"], "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-16690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868827\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:56:42 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-16690\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-16690\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~27.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for curl FEDORA-2014-16690", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2017-07-25T10:53:53"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "1d6bb176eaa589528abf9244feeb2e67"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "e3ec1875e0e4d64fa453d6a46b69e18d"}, {"key": "href", "hash": "a83ccfb6cd315748190980a0f1c4425a"}, {"key": "modified", "hash": "0d134bf170d66438eb1e01173ee0187f"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "db5601f37dd8723d8d61ddd89dcf7d09"}, {"key": "published", "hash": "159295b50f9d93a2f99cf6471805b8ab"}, {"key": "references", "hash": "33519e4521461e6488d1f942bb749cb8"}, {"key": "reporter", "hash": "1e898993712db5cf9f9a110102684025"}, {"key": "sourceData", "hash": "cca59a22228aefc3eb4ed47ace72ac84"}, {"key": "title", "hash": "d18694dbd9e458558c5088e656a0f177"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "cefb6dad82e9237dff1df511f096d9078b1c9b3131bd7d508d70eed2b95e4196", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "f5", "idList": ["SOL85307687", "F5:K85307687", "SOL15862"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310868370", "OPENVAS:1361412562310868469", "OPENVAS:1361412562310868581", "OPENVAS:1361412562310868525", "OPENVAS:1361412562310868913", "OPENVAS:1361412562310868185", "OPENVAS:867656", "OPENVAS:1361412562310867656", "OPENVAS:1361412562310868702", "OPENVAS:1361412562310868649"]}, {"type": "cve", "idList": ["CVE-2014-3613", "CVE-2013-2174", "CVE-2014-3707", "CVE-2014-0138", "CVE-2014-0015", "CVE-2014-3620"]}, {"type": "nessus", "idList": ["FEDORA_2014-17596.NASL", "FEDORA_2014-17601.NASL", "MANDRIVA_MDVSA-2015-098.NASL", "SL_20140527_CURL_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2014-0561.NASL", "CENTOS_RHSA-2014-0561.NASL", "ORACLEVM_OVMSA-2015-0107.NASL", "REDHAT-RHSA-2014-0561.NASL", "UBUNTU_USN-2346-1.NASL", "FEDORA_2014-10679.NASL"]}, {"type": "amazon", "idList": ["ALAS-2014-322", "ALAS-2014-407"]}, {"type": "centos", "idList": ["CESA-2014:0561", "CESA-2015:1254", "CESA-2015:2159"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0561", "ELSA-2015-2159", "ELSA-2015-1254"]}, {"type": "redhat", "idList": ["RHSA-2014:0561", "RHSA-2015:2159", "RHSA-2015:1254", "RHSA-2013:0983"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13962", "SECURITYVULNS:DOC:31077"]}, {"type": "ubuntu", "idList": ["USN-2346-1", "USN-2399-1"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:1139-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3022-1:5F994", "DEBIAN:DSA-2713-1:7FDD9"]}, {"type": "archlinux", "idList": ["ASA-201411-7"]}, {"type": "seebug", "idList": ["SSV:60852"]}, {"type": "hackerone", "idList": ["H1:104014"]}], "modified": "2018-09-01T23:49:18"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-16690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868827\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:56:42 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-16690\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-16690\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147371.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~27.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "1361412562310868827"}
{"f5": [{"lastseen": "2016-11-16T17:25:51", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should only permit access to the ARX system over a secure network and limit login access to trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-11-16T00:00:00", "published": "2016-11-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/85/sol85307687.html", "id": "SOL85307687", "title": "SOL85307687 - cURL and libcurl vulnerabilities CVE-2014-3613, CVE-2014-3707, and CVE-2014-8150", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-06-08T00:16:11", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 476510 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| 6.2.0 - 6.4.0| None| Low| libcurl \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.0.1| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should only permit access to the ARX system over a secure network and limit login access to trusted users.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-03-13T23:41:00", "published": "2016-11-16T18:43:00", "href": "https://support.f5.com/csp/article/K85307687", "id": "F5:K85307687", "type": "f5", "title": "cURL and libcurl vulnerabilities CVE-2014-3613, CVE-2014-3707, and CVE-2014-8150", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:01", "bulletinFamily": "software", "description": "Recommended Action\n\n**BIG-IP, BIG-IQ, and Enterprise Manager**\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should avoid using the local **cURL** utility on the vulnerable system, if feasible. Additionally, you should only permit access to the system over a secure network and limit login access to trusted users. For more information about securing access to the system, refer to SOL13092: Overview of securing access to the BIG-IP system. \n\n\n**ARX**\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you should only permit access to the ARX system over a secure network and limit login access to trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2014-11-25T00:00:00", "published": "2014-11-25T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15862.html", "id": "SOL15862", "title": "SOL15862 - Multiple cURL and libcurl vulnerabilities CVE-2014-0015, CVE-2014-0138, and CVE-2014-0139", "type": "f5", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2018-09-01T23:54:43", "bulletinFamily": "scanner", "description": "Check the version of curl", "modified": "2017-07-13T00:00:00", "published": "2014-10-09T00:00:00", "id": "OPENVAS:1361412562310868370", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868370", "title": "Fedora Update for curl FEDORA-2014-10714", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-10714\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868370\");\n script_version(\"$Revision: 6715 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-09 06:00:42 +0200 (Thu, 09 Oct 2014)\");\n script_cve_id(\"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\", \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-10714\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for\ntransferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS,\nSCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3\nand RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-10714\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140147.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~23.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:55:18", "bulletinFamily": "scanner", "description": "Check the version of curl", "modified": "2017-07-11T00:00:00", "published": "2014-12-14T00:00:00", "id": "OPENVAS:1361412562310868581", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868581", "title": "Fedora Update for curl FEDORA-2014-16538", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-16538\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868581\");\n script_version(\"$Revision: 6663 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 11:58:05 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-14 05:56:11 +0100 (Sun, 14 Dec 2014)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for curl FEDORA-2014-16538\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-16538\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146090.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.32.0~17.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:54:54", "bulletinFamily": "scanner", "description": "Check the version of curl", "modified": "2017-07-12T00:00:00", "published": "2014-11-11T00:00:00", "id": "OPENVAS:1361412562310868469", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868469", "title": "Fedora Update for curl FEDORA-2014-14354", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-14354\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868469\");\n script_version(\"$Revision: 6692 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:57:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-11 06:21:24 +0100 (Tue, 11 Nov 2014)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\", \"CVE-2014-0015\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for curl FEDORA-2014-14354\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-14354\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143271.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.32.0~15.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:54:36", "bulletinFamily": "scanner", "description": "Check the version of curl", "modified": "2017-07-14T00:00:00", "published": "2014-12-02T00:00:00", "id": "OPENVAS:1361412562310868525", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868525", "title": "Fedora Update for curl FEDORA-2014-15706", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-15706\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868525\");\n script_version(\"$Revision: 6724 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-14 11:57:17 +0200 (Fri, 14 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-02 05:21:56 +0100 (Tue, 02 Dec 2014)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\", \"CVE-2014-0015\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for curl FEDORA-2014-15706\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-15706\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145016.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.32.0~16.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:51:00", "bulletinFamily": "scanner", "description": "Check the version of curl", "modified": "2017-07-10T00:00:00", "published": "2015-01-11T00:00:00", "id": "OPENVAS:1361412562310868913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868913", "title": "Fedora Update for curl FEDORA-2015-0418", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2015-0418\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868913\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-11 06:21:48 +0100 (Sun, 11 Jan 2015)\");\n script_cve_id(\"CVE-2014-8150\", \"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\",\n \"CVE-2014-0138\", \"CVE-2014-0015\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for curl FEDORA-2015-0418\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring\ndata with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET,\nDICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates,\nHTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,\nuser+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file\ntransfer resume, proxy tunneling and a busload of other useful tricks. \");\n script_tag(name: \"affected\", value: \"curl on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-0418\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.32.0~18.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:54:21", "bulletinFamily": "scanner", "description": "Check for the Version of curl", "modified": "2018-04-06T00:00:00", "published": "2014-09-14T00:00:00", "id": "OPENVAS:1361412562310868185", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868185", "title": "Fedora Update for curl FEDORA-2014-10741", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-10741\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868185\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-14 05:54:31 +0200 (Sun, 14 Sep 2014)\");\n script_cve_id(\"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\", \"CVE-2014-0015\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for curl FEDORA-2014-10741\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for transferring\ndata with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET,\nDICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates,\nHTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,\nuser+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...),\nfile transfer resume, proxy tunneling and a busload of other useful tricks.\");\n script_tag(name: \"affected\", value: \"curl on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name: \"FEDORA\", value: \"2014-10741\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137656.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.32.0~13.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:48:20", "bulletinFamily": "scanner", "description": "Check for the Version of curl", "modified": "2017-07-10T00:00:00", "published": "2014-04-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867656", "id": "OPENVAS:867656", "title": "Fedora Update for curl FEDORA-2014-4449", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-4449\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867656);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-03 11:18:51 +0530 (Thu, 03 Apr 2014)\");\n script_cve_id(\"CVE-2014-0138\", \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-4449\");\n\n tag_insight = \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\";\n\n tag_affected = \"curl on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4449\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-March/130856.html\");\n script_summary(\"Check for the Version of curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~17.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:55:25", "bulletinFamily": "scanner", "description": "Check for the Version of curl", "modified": "2018-04-06T00:00:00", "published": "2014-04-03T00:00:00", "id": "OPENVAS:1361412562310867656", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867656", "title": "Fedora Update for curl FEDORA-2014-4449", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2014-4449\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867656\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-03 11:18:51 +0530 (Thu, 03 Apr 2014)\");\n script_cve_id(\"CVE-2014-0138\", \"CVE-2014-0015\", \"CVE-2013-2174\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for curl FEDORA-2014-4449\");\n\n tag_insight = \"curl is a command line tool for transferring data with URL syntax, supporting\nFTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,\nSMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP\nuploading, HTTP form based upload, proxies, cookies, user+password\nauthentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer\nresume, proxy tunneling and a busload of other useful tricks.\n\";\n\n tag_affected = \"curl on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4449\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-March/130856.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~17.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:49:39", "bulletinFamily": "scanner", "description": "Check the version of mingw-curl", "modified": "2017-07-10T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868702", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868702", "title": "Fedora Update for mingw-curl FEDORA-2014-17601", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-curl FEDORA-2014-17601\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868702\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:43:24 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3707\", \"CVE-2014-3620\", \"CVE-2014-3613\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for mingw-curl FEDORA-2014-17601\");\n script_tag(name: \"summary\", value: \"Check the version of mingw-curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,\nDICT, TELNET and TFTP servers, using any of the supported protocols.\ncURL is designed to work without user interaction or any kind of\ninteractivity. cURL offers many useful capabilities, like proxy\nsupport, user authentication, FTP upload, HTTP post, and file transfer\nresume.\n\nThis is the MinGW cross-compiled Windows library.\n\");\n script_tag(name: \"affected\", value: \"mingw-curl on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-17601\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147347.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-curl\", rpm:\"mingw-curl~7.39.0~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:50:17", "bulletinFamily": "scanner", "description": "Check the version of curl", "modified": "2017-07-10T00:00:00", "published": "2015-04-29T00:00:00", "id": "OPENVAS:1361412562310869308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869308", "title": "Fedora Update for curl FEDORA-2015-6712", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for curl FEDORA-2015-6712\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869308\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-04-29 05:26:56 +0200 (Wed, 29 Apr 2015)\");\n script_cve_id(\"CVE-2015-3143\", \"CVE-2015-3145\", \"CVE-2015-3148\", \"CVE-2014-8150\",\n \"CVE-2014-3707\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-0138\",\n \"CVE-2014-0015\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for curl FEDORA-2015-6712\");\n script_tag(name: \"summary\", value: \"Check the version of curl\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"curl is a command line tool for\ntransferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP,\nTFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports\nSSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,\nproxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,\nkerberos...), file transfer resume, proxy tunneling and a busload of other useful\ntricks.\n\");\n script_tag(name: \"affected\", value: \"curl on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-6712\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.32.0~20.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a \"%\" (percent) character.", "modified": "2018-10-30T12:27:33", "published": "2013-07-31T09:20:25", "id": "CVE-2013-2174", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2174", "title": "CVE-2013-2174", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:21:41", "bulletinFamily": "NVD", "description": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.", "modified": "2018-01-04T21:29:50", "published": "2014-11-18T10:59:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3613", "id": "CVE-2014-3613", "title": "CVE-2014-3613", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-01T05:14:34", "bulletinFamily": "NVD", "description": "The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.", "modified": "2018-10-30T12:27:35", "published": "2014-11-15T15:59:00", "id": "CVE-2014-3707", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3707", "title": "CVE-2014-3707", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-10-10T11:05:18", "bulletinFamily": "NVD", "description": "The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.", "modified": "2018-10-09T15:36:15", "published": "2014-04-15T10:55:04", "id": "CVE-2014-0138", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0138", "title": "CVE-2014-0138", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-18T15:54:56", "bulletinFamily": "NVD", "description": "cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.", "modified": "2016-12-02T22:01:25", "published": "2014-11-18T10:59:01", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3620", "id": "CVE-2014-3620", "title": "CVE-2014-3620", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-10T11:05:18", "bulletinFamily": "NVD", "description": "cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.", "modified": "2018-10-09T15:35:04", "published": "2014-02-01T19:55:05", "id": "CVE-2014-0015", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0015", "title": "CVE-2014-0015", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2019-01-16T20:20:32", "bulletinFamily": "scanner", "description": "- Update to 7.39.0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-19T00:00:00", "published": "2015-01-02T00:00:00", "id": "FEDORA_2014-17596.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80324", "title": "Fedora 20 : mingw-curl-7.39.0-1.fc20 (2014-17596)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17596.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80324);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:31 $\");\n\n script_cve_id(\"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-3707\");\n script_bugtraq_id(69742, 69748, 70988);\n script_xref(name:\"FEDORA\", value:\"2014-17596\");\n\n script_name(english:\"Fedora 20 : mingw-curl-7.39.0-1.fc20 (2014-17596)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 7.39.0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1140037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1160724\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147351.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3c320ca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-curl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"mingw-curl-7.39.0-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-curl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:20:32", "bulletinFamily": "scanner", "description": "- Update to 7.39.0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-19T00:00:00", "published": "2015-01-02T00:00:00", "id": "FEDORA_2014-17601.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80325", "title": "Fedora 21 : mingw-curl-7.39.0-1.fc21 (2014-17601)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17601.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80325);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:31 $\");\n\n script_cve_id(\"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-3707\");\n script_bugtraq_id(69742, 69748, 70988);\n script_xref(name:\"FEDORA\", value:\"2014-17601\");\n\n script_name(english:\"Fedora 21 : mingw-curl-7.39.0-1.fc21 (2014-17601)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 7.39.0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1140037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1160724\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147347.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42352818\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-curl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"mingw-curl-7.39.0-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-curl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:21:10", "bulletinFamily": "scanner", "description": "Updated curl packages fix security vulnerabilities :\n\nParas Sethia discovered that libcurl would sometimes mix up multiple\nHTTP and HTTPS connections with NTLM authentication to the same\nserver, sending requests for one user over the connection\nauthenticated as a different user (CVE-2014-0015).\n\nlibcurl can in some circumstances re-use the wrong connection when\nasked to do transfers using other protocols than HTTP and FTP, causing\na transfer that was initiated by an application to wrongfully re-use\nan existing connection to the same server that was authenticated using\ndifferent credentials (CVE-2014-0138).\n\nlibcurl incorrectly validates wildcard SSL certificates containing\nliteral IP addresses, so under certain conditions, it would allow and\nuse a wildcard match specified in the CN field, allowing a malicious\nserver to participate in a MITM attack or just fool users into\nbelieving that it is a legitimate site (CVE-2014-0139).\n\nIn cURL before 7.38.0, libcurl can be fooled to both sending cookies\nto wrong sites and into allowing arbitrary sites to set cookies for\nothers. For this problem to trigger, the client application must use\nthe numerical IP address in the URL to access the site\n(CVE-2014-3613).\n\nIn cURL before 7.38.0, libcurl wrongly allows cookies to be set for\nTop Level Domains (TLDs), thus making them apply broader than cookies\nare allowed. This can allow arbitrary sites to set cookies that then\nwould get sent to a different and unrelated site or domain\n(CVE-2014-3620).\n\nSymeon Paraschoudis discovered that the curl_easy_duphandle() function\nin cURL has a bug that can lead to libcurl eventually sending off\nsensitive data that was not intended for sending, while performing a\nHTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and\ncurl_easy_duphandle() to be used in that order, and then the duplicate\nhandle must be used to perform the HTTP POST. The curl command line\ntool is not affected by this problem as it does not use this sequence\n(CVE-2014-3707).\n\nWhen libcurl sends a request to a server via a HTTP proxy, it copies\nthe entire URL into the request and sends if off. If the given URL\ncontains line feeds and carriage returns those will be sent along to\nthe proxy too, which allows the program to for example send a separate\nHTTP request injected embedded in the URL (CVE-2014-8150).", "modified": "2018-07-19T00:00:00", "published": "2015-03-30T00:00:00", "id": "MANDRIVA_MDVSA-2015-098.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82351", "title": "Mandriva Linux Security Advisory : curl (MDVSA-2015:098)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:098. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82351);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/07/19 20:59:19\");\n\n script_cve_id(\"CVE-2014-0015\", \"CVE-2014-0138\", \"CVE-2014-0139\", \"CVE-2014-3613\", \"CVE-2014-3620\", \"CVE-2014-3707\", \"CVE-2014-8150\");\n script_xref(name:\"MDVSA\", value:\"2015:098\");\n\n script_name(english:\"Mandriva Linux Security Advisory : curl (MDVSA-2015:098)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated curl packages fix security vulnerabilities :\n\nParas Sethia discovered that libcurl would sometimes mix up multiple\nHTTP and HTTPS connections with NTLM authentication to the same\nserver, sending requests for one user over the connection\nauthenticated as a different user (CVE-2014-0015).\n\nlibcurl can in some circumstances re-use the wrong connection when\nasked to do transfers using other protocols than HTTP and FTP, causing\na transfer that was initiated by an application to wrongfully re-use\nan existing connection to the same server that was authenticated using\ndifferent credentials (CVE-2014-0138).\n\nlibcurl incorrectly validates wildcard SSL certificates containing\nliteral IP addresses, so under certain conditions, it would allow and\nuse a wildcard match specified in the CN field, allowing a malicious\nserver to participate in a MITM attack or just fool users into\nbelieving that it is a legitimate site (CVE-2014-0139).\n\nIn cURL before 7.38.0, libcurl can be fooled to both sending cookies\nto wrong sites and into allowing arbitrary sites to set cookies for\nothers. For this problem to trigger, the client application must use\nthe numerical IP address in the URL to access the site\n(CVE-2014-3613).\n\nIn cURL before 7.38.0, libcurl wrongly allows cookies to be set for\nTop Level Domains (TLDs), thus making them apply broader than cookies\nare allowed. This can allow arbitrary sites to set cookies that then\nwould get sent to a different and unrelated site or domain\n(CVE-2014-3620).\n\nSymeon Paraschoudis discovered that the curl_easy_duphandle() function\nin cURL has a bug that can lead to libcurl eventually sending off\nsensitive data that was not intended for sending, while performing a\nHTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and\ncurl_easy_duphandle() to be used in that order, and then the duplicate\nhandle must be used to perform the HTTP POST. The curl command line\ntool is not affected by this problem as it does not use this sequence\n(CVE-2014-3707).\n\nWhen libcurl sends a request to a server via a HTTP proxy, it copies\nthe entire URL into the request and sends if off. If the given URL\ncontains line feeds and carriage returns those will be sent along to\nthe proxy too, which allows the program to for example send a separate\nHTTP request injected embedded in the URL (CVE-2014-8150).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0153.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0385.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0020.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:curl-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64curl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64curl4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"curl-7.34.0-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"curl-examples-7.34.0-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64curl-devel-7.34.0-3.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64curl4-7.34.0-3.1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:28", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2014:0561 :\n\nUpdated curl packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\ncURL provides the libcurl library and a command line tool for\ndownloading files from servers using various protocols, including\nHTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these\nissues. Upstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security\nimpact of this issue, and Steve Holme as the original reporter of\nCVE-2014-0138.\n\nThis update also fixes the following bugs :\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted\nin a write after close and consequent leakage of memory dynamically\nallocated by the SSL library. An upstream patch has been applied on\nlibcurl to fix this bug. As a result, the write after close no longer\nhappens, and the SSL library no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based\non libcurl's multi API. To fix this bug, the non-blocking SSL\nhandshake has been implemented by libcurl. With this update, libcurl's\nmulti API immediately returns the control back to the application\nwhenever it cannot read/write data from/to the underlying network\nsocket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due\nto an expired cookie in the upstream test-suite, which runs during the\nbuild. An upstream patch has been applied to postpone the expiration\ndate of the cookie, which makes it possible to rebuild the package\nfrom sources again. (BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using\nKerberos whenever such an authentication method was offered by the\nserver. This caused problems when the server offered multiple\nauthentication methods and Kerberos was not the selected one. An\nupstream patch has been applied on libcurl to fix this bug. Now\nlibcurl no longer uses Kerberos authentication if another\nauthentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.", "modified": "2015-12-01T00:00:00", "published": "2014-05-28T00:00:00", "id": "ORACLELINUX_ELSA-2014-0561.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74203", "title": "Oracle Linux 6 : curl (ELSA-2014-0561)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0561 and \n# Oracle Linux Security Advisory ELSA-2014-0561 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74203);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:25:13 $\");\n\n script_cve_id(\"CVE-2014-0015\", \"CVE-2014-0138\");\n script_bugtraq_id(65270, 66457);\n script_xref(name:\"RHSA\", value:\"2014:0561\");\n\n script_name(english:\"Oracle Linux 6 : curl (ELSA-2014-0561)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0561 :\n\nUpdated curl packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\ncURL provides the libcurl library and a command line tool for\ndownloading files from servers using various protocols, including\nHTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these\nissues. Upstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security\nimpact of this issue, and Steve Holme as the original reporter of\nCVE-2014-0138.\n\nThis update also fixes the following bugs :\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted\nin a write after close and consequent leakage of memory dynamically\nallocated by the SSL library. An upstream patch has been applied on\nlibcurl to fix this bug. As a result, the write after close no longer\nhappens, and the SSL library no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based\non libcurl's multi API. To fix this bug, the non-blocking SSL\nhandshake has been implemented by libcurl. With this update, libcurl's\nmulti API immediately returns the control back to the application\nwhenever it cannot read/write data from/to the underlying network\nsocket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due\nto an expired cookie in the upstream test-suite, which runs during the\nbuild. An upstream patch has been applied to postpone the expiration\ndate of the cookie, which makes it possible to rebuild the package\nfrom sources again. (BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using\nKerberos whenever such an authentication method was offered by the\nserver. This caused problems when the server offered multiple\nauthentication methods and Kerberos was not the selected one. An\nupstream patch has been applied on libcurl to fix this bug. Now\nlibcurl no longer uses Kerberos authentication if another\nauthentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004148.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libcurl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"curl-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libcurl-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"libcurl-devel-7.19.7-37.el6_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / libcurl / libcurl-devel\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:28", "bulletinFamily": "scanner", "description": "Updated curl packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\ncURL provides the libcurl library and a command line tool for\ndownloading files from servers using various protocols, including\nHTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these\nissues. Upstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security\nimpact of this issue, and Steve Holme as the original reporter of\nCVE-2014-0138.\n\nThis update also fixes the following bugs :\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted\nin a write after close and consequent leakage of memory dynamically\nallocated by the SSL library. An upstream patch has been applied on\nlibcurl to fix this bug. As a result, the write after close no longer\nhappens, and the SSL library no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based\non libcurl's multi API. To fix this bug, the non-blocking SSL\nhandshake has been implemented by libcurl. With this update, libcurl's\nmulti API immediately returns the control back to the application\nwhenever it cannot read/write data from/to the underlying network\nsocket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due\nto an expired cookie in the upstream test-suite, which runs during the\nbuild. An upstream patch has been applied to postpone the expiration\ndate of the cookie, which makes it possible to rebuild the package\nfrom sources again. (BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using\nKerberos whenever such an authentication method was offered by the\nserver. This caused problems when the server offered multiple\nauthentication methods and Kerberos was not the selected one. An\nupstream patch has been applied on libcurl to fix this bug. Now\nlibcurl no longer uses Kerberos authentication if another\nauthentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.", "modified": "2018-11-10T00:00:00", "published": "2014-05-29T00:00:00", "id": "CENTOS_RHSA-2014-0561.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74227", "title": "CentOS 6 : curl (CESA-2014:0561)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0561 and \n# CentOS Errata and Security Advisory 2014:0561 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74227);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2014-0015\", \"CVE-2014-0138\");\n script_bugtraq_id(65270, 66457);\n script_xref(name:\"RHSA\", value:\"2014:0561\");\n\n script_name(english:\"CentOS 6 : curl (CESA-2014:0561)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated curl packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\ncURL provides the libcurl library and a command line tool for\ndownloading files from servers using various protocols, including\nHTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these\nissues. Upstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security\nimpact of this issue, and Steve Holme as the original reporter of\nCVE-2014-0138.\n\nThis update also fixes the following bugs :\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted\nin a write after close and consequent leakage of memory dynamically\nallocated by the SSL library. An upstream patch has been applied on\nlibcurl to fix this bug. As a result, the write after close no longer\nhappens, and the SSL library no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based\non libcurl's multi API. To fix this bug, the non-blocking SSL\nhandshake has been implemented by libcurl. With this update, libcurl's\nmulti API immediately returns the control back to the application\nwhenever it cannot read/write data from/to the underlying network\nsocket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due\nto an expired cookie in the upstream test-suite, which runs during the\nbuild. An upstream patch has been applied to postpone the expiration\ndate of the cookie, which makes it possible to rebuild the package\nfrom sources again. (BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using\nKerberos whenever such an authentication method was offered by the\nserver. This caused problems when the server offered multiple\nauthentication methods and Kerberos was not the selected one. An\nupstream patch has been applied on libcurl to fix this bug. Now\nlibcurl no longer uses Kerberos authentication if another\nauthentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-May/020321.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?79deafab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libcurl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"curl-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libcurl-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"libcurl-devel-7.19.7-37.el6_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:28", "bulletinFamily": "scanner", "description": "It was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nThis update also fixes the following bugs :\n\n - Previously, the libcurl library was closing a network\n socket without first terminating the SSL connection\n using the socket. This resulted in a write after close\n and consequent leakage of memory dynamically allocated\n by the SSL library. An upstream patch has been applied\n on libcurl to fix this bug. As a result, the write after\n close no longer happens, and the SSL library no longer\n leaks memory.\n\n - Previously, the libcurl library did not implement a\n non-blocking SSL handshake, which negatively affected\n performance of applications based on libcurl's multi\n API. To fix this bug, the non-blocking SSL handshake has\n been implemented by libcurl. With this update, libcurl's\n multi API immediately returns the control back to the\n application whenever it cannot read/write data from/to\n the underlying network socket.\n\n - Previously, the curl package could not be rebuilt from\n sources due to an expired cookie in the upstream\n test-suite, which runs during the build. An upstream\n patch has been applied to postpone the expiration date\n of the cookie, which makes it possible to rebuild the\n package from sources again.\n\n - Previously, the libcurl library attempted to\n authenticate using Kerberos whenever such an\n authentication method was offered by the server. This\n caused problems when the server offered multiple\n authentication methods and Kerberos was not the selected\n one. An upstream patch has been applied on libcurl to\n fix this bug. Now libcurl no longer uses Kerberos\n authentication if another authentication method is\n selected.\n\nAll running applications that use libcurl have to be restarted for\nthis update to take effect.", "modified": "2018-12-28T00:00:00", "published": "2014-05-28T00:00:00", "id": "SL_20140527_CURL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74208", "title": "Scientific Linux Security Update : curl on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74208);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/28 10:10:35\");\n\n script_cve_id(\"CVE-2014-0015\", \"CVE-2014-0138\");\n\n script_name(english:\"Scientific Linux Security Update : curl on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nThis update also fixes the following bugs :\n\n - Previously, the libcurl library was closing a network\n socket without first terminating the SSL connection\n using the socket. This resulted in a write after close\n and consequent leakage of memory dynamically allocated\n by the SSL library. An upstream patch has been applied\n on libcurl to fix this bug. As a result, the write after\n close no longer happens, and the SSL library no longer\n leaks memory.\n\n - Previously, the libcurl library did not implement a\n non-blocking SSL handshake, which negatively affected\n performance of applications based on libcurl's multi\n API. To fix this bug, the non-blocking SSL handshake has\n been implemented by libcurl. With this update, libcurl's\n multi API immediately returns the control back to the\n application whenever it cannot read/write data from/to\n the underlying network socket.\n\n - Previously, the curl package could not be rebuilt from\n sources due to an expired cookie in the upstream\n test-suite, which runs during the build. An upstream\n patch has been applied to postpone the expiration date\n of the cookie, which makes it possible to rebuild the\n package from sources again.\n\n - Previously, the libcurl library attempted to\n authenticate using Kerberos whenever such an\n authentication method was offered by the server. This\n caused problems when the server offered multiple\n authentication methods and Kerberos was not the selected\n one. An upstream patch has been applied on libcurl to\n fix this bug. Now libcurl no longer uses Kerberos\n authentication if another authentication method is\n selected.\n\nAll running applications that use libcurl have to be restarted for\nthis update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1405&L=scientific-linux-errata&T=0&P=1281\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5293da7c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"curl-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"curl-debuginfo-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libcurl-7.19.7-37.el6_5.3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"libcurl-devel-7.19.7-37.el6_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:22:08", "bulletinFamily": "scanner", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - require credentials to match for NTLM re-use\n (CVE-2015-3143)\n\n - close Negotiate connections when done (CVE-2015-3148)\n\n - reject CRLFs in URLs passed to proxy (CVE-2014-8150)\n\n - use only full matches for hosts used as IP address in\n cookies (CVE-2014-3613)\n\n - fix handling of CURLOPT_COPYPOSTFIELDS in\n curl_easy_duphandle (CVE-2014-3707)\n\n - fix manpage typos found using aspell (#1011101)\n\n - fix comments about loading CA certs with NSS in man\n pages (#1011083)\n\n - fix handling of DNS cache timeout while a transfer is in\n progress (#835898)\n\n - eliminate unnecessary inotify events on upload via file\n protocol (#883002)\n\n - use correct socket type in the examples (#997185)\n\n - do not crash if MD5 fingerprint is not provided by\n libssh2 (#1008178)\n\n - fix SIGSEGV of curl --retry when network is down\n (#1009455)\n\n - allow to use TLS 1.1 and TLS 1.2 (#1012136)\n\n - docs: update the links to cipher-suites supported by NSS\n (#1104160)\n\n - allow to use ECC ciphers if NSS implements them\n (#1058767)\n\n - make curl --trace-time print correct time (#1120196)\n\n - let tool call PR_Cleanup on exit if NSPR is used\n (#1146528)\n\n - ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth\n (#1154747)\n\n - allow to enable/disable new AES cipher-suites (#1156422)\n\n - include response headers added by proxy in\n CURLINFO_HEADER_SIZE (#1161163)\n\n - disable libcurl-level downgrade to SSLv3 (#1154059)\n\n - do not force connection close after failed HEAD request\n (#1168137)\n\n - fix occasional SIGSEGV during SSL handshake (#1168668)\n\n - fix a connection failure when FTPS handle is reused\n (#1154663)\n\n - fix re-use of wrong HTTP NTLM connection (CVE-2014-0015)\n\n - fix connection re-use when using different log-in\n credentials (CVE-2014-0138)\n\n - fix authentication failure when server offers multiple\n auth options (#799557)\n\n - refresh expired cookie in test172 from upstream\n test-suite (#1069271)\n\n - fix a memory leak caused by write after close (#1078562)\n\n - nss: implement non-blocking SSL handshake (#1083742)", "modified": "2018-07-24T00:00:00", "published": "2015-07-31T00:00:00", "id": "ORACLEVM_OVMSA-2015-0107.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=85148", "title": "OracleVM 3.3 : curl (OVMSA-2015-0107)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0107.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85148);\n script_version(\"2.3\");\n script_cvs_date(\"Date: 2018/07/24 18:56:11\");\n\n script_cve_id(\"CVE-2014-0015\", \"CVE-2014-0138\", \"CVE-2014-3613\", \"CVE-2014-3707\", \"CVE-2014-8150\", \"CVE-2015-3143\", \"CVE-2015-3148\");\n script_bugtraq_id(65270, 66457, 69748, 70988, 71964, 74299, 74301);\n\n script_name(english:\"OracleVM 3.3 : curl (OVMSA-2015-0107)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - require credentials to match for NTLM re-use\n (CVE-2015-3143)\n\n - close Negotiate connections when done (CVE-2015-3148)\n\n - reject CRLFs in URLs passed to proxy (CVE-2014-8150)\n\n - use only full matches for hosts used as IP address in\n cookies (CVE-2014-3613)\n\n - fix handling of CURLOPT_COPYPOSTFIELDS in\n curl_easy_duphandle (CVE-2014-3707)\n\n - fix manpage typos found using aspell (#1011101)\n\n - fix comments about loading CA certs with NSS in man\n pages (#1011083)\n\n - fix handling of DNS cache timeout while a transfer is in\n progress (#835898)\n\n - eliminate unnecessary inotify events on upload via file\n protocol (#883002)\n\n - use correct socket type in the examples (#997185)\n\n - do not crash if MD5 fingerprint is not provided by\n libssh2 (#1008178)\n\n - fix SIGSEGV of curl --retry when network is down\n (#1009455)\n\n - allow to use TLS 1.1 and TLS 1.2 (#1012136)\n\n - docs: update the links to cipher-suites supported by NSS\n (#1104160)\n\n - allow to use ECC ciphers if NSS implements them\n (#1058767)\n\n - make curl --trace-time print correct time (#1120196)\n\n - let tool call PR_Cleanup on exit if NSPR is used\n (#1146528)\n\n - ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth\n (#1154747)\n\n - allow to enable/disable new AES cipher-suites (#1156422)\n\n - include response headers added by proxy in\n CURLINFO_HEADER_SIZE (#1161163)\n\n - disable libcurl-level downgrade to SSLv3 (#1154059)\n\n - do not force connection close after failed HEAD request\n (#1168137)\n\n - fix occasional SIGSEGV during SSL handshake (#1168668)\n\n - fix a connection failure when FTPS handle is reused\n (#1154663)\n\n - fix re-use of wrong HTTP NTLM connection (CVE-2014-0015)\n\n - fix connection re-use when using different log-in\n credentials (CVE-2014-0138)\n\n - fix authentication failure when server offers multiple\n auth options (#799557)\n\n - refresh expired cookie in test172 from upstream\n test-suite (#1069271)\n\n - fix a memory leak caused by write after close (#1078562)\n\n - nss: implement non-blocking SSL handshake (#1083742)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2015-July/000355.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected curl / libcurl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:libcurl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"curl-7.19.7-46.el6\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"libcurl-7.19.7-46.el6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / libcurl\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:18:28", "bulletinFamily": "scanner", "description": "Updated curl packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\ncURL provides the libcurl library and a command line tool for\ndownloading files from servers using various protocols, including\nHTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these\nissues. Upstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security\nimpact of this issue, and Steve Holme as the original reporter of\nCVE-2014-0138.\n\nThis update also fixes the following bugs :\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted\nin a write after close and consequent leakage of memory dynamically\nallocated by the SSL library. An upstream patch has been applied on\nlibcurl to fix this bug. As a result, the write after close no longer\nhappens, and the SSL library no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based\non libcurl's multi API. To fix this bug, the non-blocking SSL\nhandshake has been implemented by libcurl. With this update, libcurl's\nmulti API immediately returns the control back to the application\nwhenever it cannot read/write data from/to the underlying network\nsocket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due\nto an expired cookie in the upstream test-suite, which runs during the\nbuild. An upstream patch has been applied to postpone the expiration\ndate of the cookie, which makes it possible to rebuild the package\nfrom sources again. (BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using\nKerberos whenever such an authentication method was offered by the\nserver. This caused problems when the server offered multiple\nauthentication methods and Kerberos was not the selected one. An\nupstream patch has been applied on libcurl to fix this bug. Now\nlibcurl no longer uses Kerberos authentication if another\nauthentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.", "modified": "2018-11-10T00:00:00", "published": "2014-05-28T00:00:00", "id": "REDHAT-RHSA-2014-0561.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74205", "title": "RHEL 6 : curl (RHSA-2014:0561)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0561. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74205);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2014-0015\", \"CVE-2014-0138\");\n script_bugtraq_id(65270, 66457);\n script_xref(name:\"RHSA\", value:\"2014:0561\");\n\n script_name(english:\"RHEL 6 : curl (RHSA-2014:0561)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated curl packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\ncURL provides the libcurl library and a command line tool for\ndownloading files from servers using various protocols, including\nHTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections\nfor requests that should have used different or no authentication\ncredentials, when using one of the following protocols: HTTP(S) with\nNTLM authentication, LDAP(S), SCP, or SFTP. If an application using\nthe libcurl library connected to a remote server with certain\nauthentication credentials, this flaw could cause other requests to\nuse those same credentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these\nissues. Upstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security\nimpact of this issue, and Steve Holme as the original reporter of\nCVE-2014-0138.\n\nThis update also fixes the following bugs :\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted\nin a write after close and consequent leakage of memory dynamically\nallocated by the SSL library. An upstream patch has been applied on\nlibcurl to fix this bug. As a result, the write after close no longer\nhappens, and the SSL library no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based\non libcurl's multi API. To fix this bug, the non-blocking SSL\nhandshake has been implemented by libcurl. With this update, libcurl's\nmulti API immediately returns the control back to the application\nwhenever it cannot read/write data from/to the underlying network\nsocket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due\nto an expired cookie in the upstream test-suite, which runs during the\nbuild. An upstream patch has been applied to postpone the expiration\ndate of the cookie, which makes it possible to rebuild the package\nfrom sources again. (BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using\nKerberos whenever such an authentication method was offered by the\nserver. This caused problems when the server offered multiple\nauthentication methods and Kerberos was not the selected one. An\nupstream patch has been applied on libcurl to fix this bug. Now\nlibcurl no longer uses Kerberos authentication if another\nauthentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0015\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcurl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0561\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"curl-7.19.7-37.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"curl-7.19.7-37.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"curl-7.19.7-37.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"curl-debuginfo-7.19.7-37.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libcurl-7.19.7-37.el6_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"libcurl-devel-7.19.7-37.el6_5.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / curl-debuginfo / libcurl / libcurl-devel\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:19:42", "bulletinFamily": "scanner", "description": "Tim Ruehsen discovered that curl incorrectly handled partial literal\nIP addresses. This could lead to the disclosure of cookies to the\nwrong site, and malicious sites being able to set cookies for others.\n(CVE-2014-3613)\n\nTim Ruehsen discovered that curl incorrectly allowed cookies to be set\nfor Top Level Domains (TLDs). This could allow a malicious site to set\na cookie that gets sent to other sites. (CVE-2014-3620).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-12-01T00:00:00", "published": "2014-09-16T00:00:00", "id": "UBUNTU_USN-2346-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77701", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : curl vulnerabilities (USN-2346-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2346-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77701);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2014-3613\", \"CVE-2014-3620\");\n script_bugtraq_id(69742, 69748);\n script_xref(name:\"USN\", value:\"2346-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : curl vulnerabilities (USN-2346-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tim Ruehsen discovered that curl incorrectly handled partial literal\nIP addresses. This could lead to the disclosure of cookies to the\nwrong site, and malicious sites being able to set cookies for others.\n(CVE-2014-3613)\n\nTim Ruehsen discovered that curl incorrectly allowed cookies to be set\nfor Top Level Domains (TLDs). This could allow a malicious site to set\na cookie that gets sent to other sites. (CVE-2014-3620).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2346-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libcurl3, libcurl3-gnutls and / or libcurl3-nss\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl3-gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl3-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcurl3\", pkgver:\"7.19.7-1ubuntu1.9\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.19.7-1ubuntu1.9\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libcurl3\", pkgver:\"7.22.0-3ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.22.0-3ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libcurl3-nss\", pkgver:\"7.22.0-3ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcurl3\", pkgver:\"7.35.0-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.35.0-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcurl3-nss\", pkgver:\"7.35.0-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcurl3 / libcurl3-gnutls / libcurl3-nss\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-01-16T20:19:44", "bulletinFamily": "scanner", "description": "- use only full matches for hosts used as IP address in\n cookies (CVE-2014-3613)\n\n - reject incoming cookies set for top level domains\n (CVE-2014-3620)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-19T00:00:00", "published": "2014-09-23T00:00:00", "id": "FEDORA_2014-10679.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77792", "title": "Fedora 21 : curl-7.37.0-7.fc21 (2014-10679)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-10679.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77792);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:06:07 $\");\n\n script_cve_id(\"CVE-2014-3613\", \"CVE-2014-3620\");\n script_bugtraq_id(69742, 69748);\n script_xref(name:\"FEDORA\", value:\"2014-10679\");\n\n script_name(english:\"Fedora 21 : curl-7.37.0-7.fc21 (2014-10679)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - use only full matches for hosts used as IP address in\n cookies (CVE-2014-3613)\n\n - reject incoming cookies set for top level domains\n (CVE-2014-3620)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1136154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1138846\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137932.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6dee0eca\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"curl-7.37.0-7.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:49:18", "bulletinFamily": "unix", "description": "[7.19.7-37.el6_5.3]\n- fix re-use of wrong HTTP NTLM connection (CVE-2014-0015)\n- fix connection re-use when using different log-in credentials (CVE-2014-0138)\n[7.19.7-37.el6_5.2]\n- fix authentication failure when server offers multiple auth options (#1096797)\n[7.19.7-37.el6_5.1]\n- refresh expired cookie in test172 from upstream test-suite (#1092486)\n- fix a memory leak caused by write after close (#1092479)\n- nss: implement non-blocking SSL handshake (#1092480)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "ELSA-2014-0561", "href": "http://linux.oracle.com/errata/ELSA-2014-0561.html", "title": "curl security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T01:42:01", "bulletinFamily": "unix", "description": "[7.29.0-25.0.1]\n- disable check to make build pass\n[7.29.0-25]\n- fix spurious failure of test 1500 on ppc64le (#1218272)\n[7.29.0-24]\n- use the default min/max TLS version provided by NSS (#1170339)\n- improve handling of timeouts and blocking direction to speed up FTP (#1218272)\n[7.29.0-23]\n- require credentials to match for NTLM re-use (CVE-2015-3143)\n- close Negotiate connections when done (CVE-2015-3148)\n[7.29.0-22]\n- reject CRLFs in URLs passed to proxy (CVE-2014-8150)\n[7.29.0-21]\n- use only full matches for hosts used as IP address in cookies (CVE-2014-3613)\n- fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)\n[7.29.0-20]\n- eliminate unnecessary delay when resolving host from /etc/hosts (#1130239)\n- allow to enable/disable new AES cipher-suites (#1066065)\n- call PR_Cleanup() on curl tool exit if NSPR is used (#1071254)\n- implement non-blocking TLS handshake (#1091429)\n- fix limited connection re-use for unencrypted HTTP (#1101092)\n- disable libcurl-level downgrade to SSLv3 (#1154060)\n- include response headers added by proxy in CURLINFO_HEADER_SIZE (#1161182)\n- ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth (#1166264)", "modified": "2015-11-23T00:00:00", "published": "2015-11-23T00:00:00", "id": "ELSA-2015-2159", "href": "http://linux.oracle.com/errata/ELSA-2015-2159.html", "title": "curl security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T01:39:57", "bulletinFamily": "unix", "description": "[7.19.7-46]\n- require credentials to match for NTLM re-use (CVE-2015-3143)\n- close Negotiate connections when done (CVE-2015-3148)\n[7.19.7-45]\n- reject CRLFs in URLs passed to proxy (CVE-2014-8150)\n[7.19.7-44]\n- use only full matches for hosts used as IP address in cookies (CVE-2014-3613)\n- fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)\n[7.19.7-43]\n- fix manpage typos found using aspell (#1011101)\n- fix comments about loading CA certs with NSS in man pages (#1011083)\n- fix handling of DNS cache timeout while a transfer is in progress (#835898)\n- eliminate unnecessary inotify events on upload via file protocol (#883002)\n- use correct socket type in the examples (#997185)\n- do not crash if MD5 fingerprint is not provided by libssh2 (#1008178)\n- fix SIGSEGV of curl --retry when network is down (#1009455)\n- allow to use TLS 1.1 and TLS 1.2 (#1012136)\n- docs: update the links to cipher-suites supported by NSS (#1104160)\n- allow to use ECC ciphers if NSS implements them (#1058767)\n- make curl --trace-time print correct time (#1120196)\n- let tool call PR_Cleanup() on exit if NSPR is used (#1146528)\n- ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth (#1154747)\n- allow to enable/disable new AES cipher-suites (#1156422)\n- include response headers added by proxy in CURLINFO_HEADER_SIZE (#1161163)\n- disable libcurl-level downgrade to SSLv3 (#1154059)\n[7.19.7-42]\n- do not force connection close after failed HEAD request (#1168137)\n- fix occasional SIGSEGV during SSL handshake (#1168668)\n[7.19.7-41]\n- fix a connection failure when FTPS handle is reused (#1154663)", "modified": "2015-07-28T00:00:00", "published": "2015-07-28T00:00:00", "id": "ELSA-2015-1254", "href": "http://linux.oracle.com/errata/ELSA-2015-1254.html", "title": "curl security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:04", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nThe default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to [CVE-2014-0015 __](<https://access.redhat.com/security/cve/CVE-2014-0015>). \n\n \n**Affected Packages:** \n\n\ncurl\n\n \n**Issue Correction:** \nRun _yum update curl_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n curl-7.36.0-2.44.amzn1.i686 \n libcurl-devel-7.36.0-2.44.amzn1.i686 \n curl-debuginfo-7.36.0-2.44.amzn1.i686 \n libcurl-7.36.0-2.44.amzn1.i686 \n \n src: \n curl-7.36.0-2.44.amzn1.src \n \n x86_64: \n curl-debuginfo-7.36.0-2.44.amzn1.x86_64 \n curl-7.36.0-2.44.amzn1.x86_64 \n libcurl-7.36.0-2.44.amzn1.x86_64 \n libcurl-devel-7.36.0-2.44.amzn1.x86_64 \n \n \n", "modified": "2014-09-18T00:20:00", "published": "2014-09-18T00:20:00", "id": "ALAS-2014-322", "href": "https://alas.aws.amazon.com/ALAS-2014-322.html", "title": "Medium: curl", "type": "amazon", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-02T16:55:29", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nlibcurl wrongly allows cookies to be set for TLDs, thus making them much broader then they are supposed to be allowed to. This can allow arbitrary sites to set cookies that then would get sent to a different and unrelated site or domain.\n\nBy not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others.\n\n \n**Affected Packages:** \n\n\ncurl\n\n \n**Issue Correction:** \nRun _yum update curl_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n libcurl-7.38.0-1.46.amzn1.i686 \n libcurl-devel-7.38.0-1.46.amzn1.i686 \n curl-debuginfo-7.38.0-1.46.amzn1.i686 \n curl-7.38.0-1.46.amzn1.i686 \n \n src: \n curl-7.38.0-1.46.amzn1.src \n \n x86_64: \n libcurl-devel-7.38.0-1.46.amzn1.x86_64 \n curl-debuginfo-7.38.0-1.46.amzn1.x86_64 \n libcurl-7.38.0-1.46.amzn1.x86_64 \n curl-7.38.0-1.46.amzn1.x86_64 \n \n \n", "modified": "2014-09-19T12:07:00", "published": "2014-09-19T12:07:00", "id": "ALAS-2014-407", "href": "https://alas.aws.amazon.com/ALAS-2014-407.html", "title": "Medium: curl", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:28", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:0561\n\n\ncURL provides the libcurl library and a command line tool for downloading\nfiles from servers using various protocols, including HTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections for\nrequests that should have used different or no authentication credentials,\nwhen using one of the following protocols: HTTP(S) with NTLM\nauthentication, LDAP(S), SCP, or SFTP. If an application using the libcurl\nlibrary connected to a remote server with certain authentication\ncredentials, this flaw could cause other requests to use those same\ncredentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these issues.\nUpstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security impact of\nthis issue, and Steve Holme as the original reporter of CVE-2014-0138.\n\nThis update also fixes the following bugs:\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted in a\nwrite after close and consequent leakage of memory dynamically allocated by\nthe SSL library. An upstream patch has been applied on libcurl to fix this\nbug. As a result, the write after close no longer happens, and the SSL\nlibrary no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based on\nlibcurl's multi API. To fix this bug, the non-blocking SSL handshake has\nbeen implemented by libcurl. With this update, libcurl's multi API\nimmediately returns the control back to the application whenever it cannot\nread/write data from/to the underlying network socket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due to an\nexpired cookie in the upstream test-suite, which runs during the build. An\nupstream patch has been applied to postpone the expiration date of the\ncookie, which makes it possible to rebuild the package from sources again.\n(BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using Kerberos\nwhenever such an authentication method was offered by the server. This\ncaused problems when the server offered multiple authentication methods and\nKerberos was not the selected one. An upstream patch has been applied on\nlibcurl to fix this bug. Now libcurl no longer uses Kerberos authentication\nif another authentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-May/020321.html\n\n**Affected packages:**\ncurl\nlibcurl\nlibcurl-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0561.html", "modified": "2014-05-28T12:52:04", "published": "2014-05-28T12:52:04", "href": "http://lists.centos.org/pipermail/centos-announce/2014-May/020321.html", "id": "CESA-2014:0561", "title": "curl, libcurl security update", "type": "centos", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-10-03T18:26:56", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2015:1254\n\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user's cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle's duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API.\n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload.\n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected.\n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS.\nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-July/002018.html\n\n**Affected packages:**\ncurl\nlibcurl\nlibcurl-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1254.html", "modified": "2015-07-26T14:12:23", "published": "2015-07-26T14:12:23", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-July/002018.html", "id": "CESA-2015:1254", "title": "curl, libcurl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-10-03T18:25:02", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2015:2159\n\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user's cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle's duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl access a specially crafted URL via an HTTP proxy\ncould use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL 3.0 was available with libcurl.\nAttackers could abuse the fallback to force downgrade of the SSL version.\nThe fallback has been removed from libcurl. Users requiring this\nfunctionality can explicitly enable SSL 3.0 through the libcurl API.\n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can\nexplicitly disable them through the libcurl API. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1218272)\n\nEnhancements:\n\n* With the updated packages, it is possible to explicitly enable or disable\nnew Advanced Encryption Standard (AES) cipher suites to be used for the TLS\nprotocol. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs.\n(BZ#1130239)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/002182.html\n\n**Affected packages:**\ncurl\nlibcurl\nlibcurl-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2159.html", "modified": "2015-11-30T19:26:37", "published": "2015-11-30T19:26:37", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/002182.html", "id": "CESA-2015:2159", "title": "curl, libcurl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "redhat": [{"lastseen": "2018-12-11T19:40:57", "bulletinFamily": "unix", "description": "cURL provides the libcurl library and a command line tool for downloading\nfiles from servers using various protocols, including HTTP, FTP, and LDAP.\n\nIt was found that libcurl could incorrectly reuse existing connections for\nrequests that should have used different or no authentication credentials,\nwhen using one of the following protocols: HTTP(S) with NTLM\nauthentication, LDAP(S), SCP, or SFTP. If an application using the libcurl\nlibrary connected to a remote server with certain authentication\ncredentials, this flaw could cause other requests to use those same\ncredentials. (CVE-2014-0015, CVE-2014-0138)\n\nRed Hat would like to thank the cURL project for reporting these issues.\nUpstream acknowledges Paras Sethia as the original reporter of\nCVE-2014-0015 and Yehezkel Horowitz for discovering the security impact of\nthis issue, and Steve Holme as the original reporter of CVE-2014-0138.\n\nThis update also fixes the following bugs:\n\n* Previously, the libcurl library was closing a network socket without\nfirst terminating the SSL connection using the socket. This resulted in a\nwrite after close and consequent leakage of memory dynamically allocated by\nthe SSL library. An upstream patch has been applied on libcurl to fix this\nbug. As a result, the write after close no longer happens, and the SSL\nlibrary no longer leaks memory. (BZ#1092479)\n\n* Previously, the libcurl library did not implement a non-blocking SSL\nhandshake, which negatively affected performance of applications based on\nlibcurl's multi API. To fix this bug, the non-blocking SSL handshake has\nbeen implemented by libcurl. With this update, libcurl's multi API\nimmediately returns the control back to the application whenever it cannot\nread/write data from/to the underlying network socket. (BZ#1092480)\n\n* Previously, the curl package could not be rebuilt from sources due to an\nexpired cookie in the upstream test-suite, which runs during the build. An\nupstream patch has been applied to postpone the expiration date of the\ncookie, which makes it possible to rebuild the package from sources again.\n(BZ#1092486)\n\n* Previously, the libcurl library attempted to authenticate using Kerberos\nwhenever such an authentication method was offered by the server. This\ncaused problems when the server offered multiple authentication methods and\nKerberos was not the selected one. An upstream patch has been applied on\nlibcurl to fix this bug. Now libcurl no longer uses Kerberos authentication\nif another authentication method is selected. (BZ#1096797)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running\napplications that use libcurl have to be restarted for this update to\ntake effect.\n", "modified": "2018-06-06T20:24:30", "published": "2014-05-27T04:00:00", "id": "RHSA-2014:0561", "href": "https://access.redhat.com/errata/RHSA-2014:0561", "type": "redhat", "title": "(RHSA-2014:0561) Moderate: curl security and bug fix update", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-12-11T17:44:10", "bulletinFamily": "unix", "description": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user's cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle's duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl access a specially crafted URL via an HTTP proxy\ncould use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL 3.0 was available with libcurl.\nAttackers could abuse the fallback to force downgrade of the SSL version.\nThe fallback has been removed from libcurl. Users requiring this\nfunctionality can explicitly enable SSL 3.0 through the libcurl API.\n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can\nexplicitly disable them through the libcurl API. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1218272)\n\nEnhancements:\n\n* With the updated packages, it is possible to explicitly enable or disable\nnew Advanced Encryption Standard (AES) cipher suites to be used for the TLS\nprotocol. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs.\n(BZ#1130239)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.", "modified": "2018-04-12T03:32:37", "published": "2015-11-19T19:41:12", "id": "RHSA-2015:2159", "href": "https://access.redhat.com/errata/RHSA-2015:2159", "type": "redhat", "title": "(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-12-11T19:40:52", "bulletinFamily": "unix", "description": "The curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP.\n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user's cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle's duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues.\n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API.\n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload.\n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected.\n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS.\nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements.\n", "modified": "2018-06-06T20:24:28", "published": "2015-07-22T09:29:46", "id": "RHSA-2015:1254", "href": "https://access.redhat.com/errata/RHSA-2015:1254", "type": "redhat", "title": "(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "description": "Cookie can be leaked to wrong site.", "modified": "2014-09-15T00:00:00", "published": "2014-09-15T00:00:00", "id": "SECURITYVULNS:VULN:13962", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13962", "title": "libcurl information leakage", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:53", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3022-1 security@debian.org\r\nhttp://www.debian.org/security/ Yves-Alexis Perez\r\nSeptember 10, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : curl\r\nCVE ID : CVE-2014-3613 CVE-2014-3620\r\n\r\nTwo vulnerabilities have been discovered in cURL, an URL transfer\r\nlibrary. They can be use to leak cookie information:\r\n\r\nCVE-2014-3613\r\n\r\n By not detecting and rejecting domain names for partial literal IP\r\n addresses properly when parsing received HTTP cookies, libcurl can\r\n be fooled to both sending cookies to wrong sites and into allowing\r\n arbitrary sites to set cookies for others.\r\n\r\nCVE-2014-3620\r\n\r\n libcurl wrongly allows cookies to be set for Top Level Domains\r\n (TLDs), thus making them apply broader than cookies are allowed.\r\n This can allow arbitrary sites to set cookies that then would get\r\n sent to a different and unrelated site or domain.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 7.26.0-1+wheezy10.\r\n\r\nFor the testing distribution (jessie), these problems have been fixed in\r\nversion 7.38.0-1.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 7.38.0-1.\r\n\r\nWe recommend that you upgrade your curl packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2\r\n\r\niQEcBAEBCgAGBQJUEI+JAAoJEG3bU/KmdcCl2IEIAI5sK+QPJmu+/mZzxZwNHZUi\r\ntmLOw24e0eHRV5YLBj7BdojrEQgLt8HyHeLCKujPz2bG7iftJTcfiKAnmsqh0z1A\r\nmH4/b0m4G5L2x98Ag/+GKW9BcKJJY9LugrUrvE+8lw4fWZvlqfMaw7pen8TNz85Q\r\nYVdHgaZnKd2nUlKhWpLnRVHJJU2Fu0I0H3j64Jj3dOTUw6OAD0b7hp45Xd5ZDp2v\r\nBydYQ8Zsmrc0NORlfNeEca8Pip5gTi6tFDyNw5TGfogdz+IMMKfZRTvR/nriXZ7K\r\nDlC3OwQxzRFMktsH4N3cifDPkxfse72lPAJWtNS1bCvumIUOYXsXr8xBtnQ8MwY=\r\n=Vny8\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-09-15T00:00:00", "published": "2014-09-15T00:00:00", "id": "SECURITYVULNS:DOC:31077", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31077", "title": "[SECURITY] [DSA 3022-1] curl security update", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "description": "Uninitialized memory access in curl_easy_unescape()", "modified": "2013-07-01T00:00:00", "published": "2013-07-01T00:00:00", "id": "SECURITYVULNS:VULN:13144", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13144", "title": "libcurl uninitialized memory reference", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:18", "bulletinFamily": "unix", "description": "Tim Ruehsen discovered that curl incorrectly handled partial literal IP addresses. This could lead to the disclosure of cookies to the wrong site, and malicious sites being able to set cookies for others. (CVE-2014-3613)\n\nTim Ruehsen discovered that curl incorrectly allowed cookies to be set for Top Level Domains (TLDs). This could allow a malicious site to set a cookie that gets sent to other sites. (CVE-2014-3620)", "modified": "2014-09-15T00:00:00", "published": "2014-09-15T00:00:00", "id": "USN-2346-1", "href": "https://usn.ubuntu.com/2346-1/", "title": "curl vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "suse": [{"lastseen": "2016-09-04T11:43:03", "bulletinFamily": "unix", "description": "libcurl was updated to fix security issues:\n\n CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned\n or used for other numeric IP hosts if portions of the numerics were the\n same.\n\n CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains,\n making them to broad.\n\n", "modified": "2014-09-17T23:04:13", "published": "2014-09-17T23:04:13", "id": "OPENSUSE-SU-2014:1139-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html", "type": "suse", "title": "curl (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2018-10-18T13:50:03", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3022-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nSeptember 10, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : curl\nCVE ID : CVE-2014-3613 CVE-2014-3620\n\nTwo vulnerabilities have been discovered in cURL, an URL transfer\nlibrary. They can be use to leak cookie information:\n\nCVE-2014-3613\n\n By not detecting and rejecting domain names for partial literal IP\n addresses properly when parsing received HTTP cookies, libcurl can\n be fooled to both sending cookies to wrong sites and into allowing\n arbitrary sites to set cookies for others.\n\nCVE-2014-3620\n\n libcurl wrongly allows cookies to be set for Top Level Domains\n (TLDs), thus making them apply broader than cookies are allowed.\n This can allow arbitrary sites to set cookies that then would get\n sent to a different and unrelated site or domain.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 7.26.0-1+wheezy10.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 7.38.0-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.38.0-1.\n\nWe recommend that you upgrade your curl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2014-09-10T17:52:45", "published": "2014-09-10T17:52:45", "id": "DEBIAN:DSA-3022-1:5F994", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00208.html", "title": "[SECURITY] [DSA 3022-1] curl security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:45", "bulletinFamily": "unix", "description": "Symeon Paraschoudis discovered that the curl_easy_duphandle() function\nhas a bug that can lead to libcurl eventually sending off sensitive data\nthat was not intended for sending.", "modified": "2014-11-11T00:00:00", "published": "2014-11-11T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html", "id": "ASA-201411-7", "title": "curl: out-of-bounds read", "type": "archlinux", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T17:41:37", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 60737\r\nCVE(CAN) ID: CVE-2013-2174\r\n\r\ncURL\u662f\u547d\u4ee4\u884c\u4f20\u8f93\u6587\u4ef6\u5de5\u5177\uff0c\u652f\u6301FTP\u3001FTPS\u3001HTTP\u3001HTTPS\u3001GOPHER\u3001TELNET\u3001DICT\u3001FILE\u548cLDAP\u3002\r\n\r\ncURL 7.7 - 7.30.0\u7248\u672c\u5185\u7684\u51fd\u6570"curl_easy_unescape()"(lib/escape.c)\u5c06URL\u7f16\u7801\u7684\u5b57\u7b26\u4e32\u89e3\u7801\u4e3a\u539f\u59cb\u4e8c\u8fdb\u5236\u6570\u636e\u65f6\u51fa\u73b0\u8fb9\u754c\u9519\u8bef\uff0c\u6b64\u6f0f\u6d1e\u53ef\u88ab\u5229\u7528\u9020\u6210\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\n0\ncURL 7.x\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n* \u5347\u7ea7\u5230curl/libcurl 7.31.0\r\n\r\n* \u5e94\u7528\u8865\u4e01\uff0c\u91cd\u5efalibcurl\r\n\r\n http://curl.haxx.se/libcurl-unescape.patch\r\n\r\n* \u590d\u6838curl_easy_unescape()\uff0c\u6216\u4e0d\u4f7f\u7528\u6b64\u51fd\u6570\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\ncURL\r\n----\r\ncURL\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08adv_20130622\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nadv_20130622\uff1alibcurl URL decode buffer boundary flaw\r\n\u94fe\u63a5\uff1ahttp://curl.haxx.se/docs/adv_20130622.html\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1ahttp://curl.haxx.se/libcurl-unescape.patch", "modified": "2013-06-26T00:00:00", "published": "2013-06-26T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60852", "id": "SSV:60852", "title": "cURL/libcURL 'curl_easy_unescape()'\u5806\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": ""}], "slackware": [{"lastseen": "2018-08-31T02:36:59", "bulletinFamily": "unix", "description": "New curl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/curl-7.29.0-i486-3_slack14.0.txz: Rebuilt.\n This fixes a minor security issue where a decode buffer boundary flaw in\n libcurl could lead to heap corruption.\n For more information, see:\n http://curl.haxx.se/docs/adv_20130622.html\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/curl-7.16.2-i486-4_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/curl-7.19.6-i486-2_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.19.6-i486-2_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.19.6-x86_64-2_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.20.1-i486-2_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.20.1-x86_64-2_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.21.4-i486-2_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.21.4-x86_64-2_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.29.0-i486-3_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.29.0-x86_64-3_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.31.0-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.31.0-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 package:\n039f86b776fa836abe4f4153329bf4ab curl-7.16.2-i486-4_slack12.1.tgz\n\nSlackware 12.2 package:\n4cd279f928fa4e261f7b25cd5623ca1f curl-7.19.6-i486-2_slack12.2.tgz\n\nSlackware 13.0 package:\n271bb8f3842426959bd8dc62c9f91513 curl-7.19.6-i486-2_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nb480f2128bf50e14a8943909b6aae236 curl-7.19.6-x86_64-2_slack13.0.txz\n\nSlackware 13.1 package:\ndc472f71102bec4454ee8cb9e01ab5ca curl-7.20.1-i486-2_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n156aaad5fe806e6fdf8c2d01cf9a8f9d curl-7.20.1-x86_64-2_slack13.1.txz\n\nSlackware 13.37 package:\na52a03c063bf8e7fec021fbfb0bee2d7 curl-7.21.4-i486-2_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n555ac66549322d731bf1e9940a145584 curl-7.21.4-x86_64-2_slack13.37.txz\n\nSlackware 14.0 package:\n4073372f0426b39c992f370b72638f4b curl-7.29.0-i486-3_slack14.0.txz\n\nSlackware x86_64 14.0 package:\na1580d839db13701f8775e77eeb4920b curl-7.29.0-x86_64-3_slack14.0.txz\n\nSlackware -current package:\n4ba53a308a7cf0545a1ecff82f216e20 n/curl-7.31.0-i486-1.txz\n\nSlackware x86_64 -current package:\nce783176b2c2e1bc117917ceb4fbfbdf n/curl-7.31.0-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg curl-7.29.0-i486-3_slack14.0.txz", "modified": "2013-06-23T15:07:06", "published": "2013-06-23T15:07:06", "id": "SSA-2013-174-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.499592", "title": "curl", "type": "slackware", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
