38 matches found
Alibaba Cloud Linux 3 : 0078: curl (ALINUX3-SA-2021:0078)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0078 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3822: libcurl versions from 7.36....
BELL-CVE-2019-3823 CVE-2019-3823 does not affect BellSoft software
Bulletin has no description...
SUSE: Security Advisory (SUSE-SU-2019:0339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0249-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Siemens SCALANCE and SIMATIC libcurl
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE and SIMATIC Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this third-party vulnerability could allow an attacker to cause a...
CentOS 8 : curl (CESA-2019:3701)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...
Photon OS 1.0: Curl PHSA-2019-1.0-0209
An update of the curl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0209. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid133296;...
curl security and bug fix update
7.61.1-11 - rebuild with updated annobin to prevent Execshield RPMDiff check from failing 7.61.1-10 - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2 out-of-bounds buffer read CVE-2018-16890 - xattr: strip...
RHEL 8 : curl (RHSA-2019:3701)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3701 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...
Fedora Update for curl FEDORA-2019-697de0501f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
curl: libcurl: SMTP end-of-response out-of-bounds read - CVE-2019-3823
libcurl contains a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtpendofresp isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol call reads beyond the allocated buffer. The read conten...
Photon OS 2.0: Curl PHSA-2019-2.0-0131
An update of the curl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0131. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid122910;...
openSUSE: Security Advisory for curl (openSUSE-SU-2019:0174-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for curl (openSUSE-SU-2019:0173-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : curl (openSUSE-2019-173)
This update for curl fixes the following issues : Security issues fixed : - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)
This update for curl fixes the following issues : Security issues fixed : CVE-2019-3822: Fixed a NTLMv2 type-3 header stack-based buffer overflow bsc1123377. CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response bsc1123378. CVE-2018-16890: Fixed an out-of-bounds buffer read in NT...
[ASA-201902-13] lib32-curl: arbitrary code execution
Arch Linux Security Advisory ASA-201902-13 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-874 Summary ======...
[ASA-201902-9] curl: arbitrary code execution
Arch Linux Security Advisory ASA-201902-9 ========================================= Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-873 Summary ======= The...
[ASA-201902-11] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201902-11 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-876...
[ASA-201902-12] lib32-libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201902-12 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-875...