Linux Distros Unpatched Vulnerability : CVE-2017-7407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in...

CVE-2017-7407

creationtimestamp| type| source ---|---|--- 2024-12-18 08:41:20+00:00| seen| https://mastodon.social/users/bagder/statuses/113672931060541852 2024-12-18 09:17:43+00:00| seen| https://vulnerability.circl.lu/comment/942a20f3-cbb3-4457-b3b0-4ddf34d2d6e7...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

BELL-CVE-2017-7407 CVE-2017-7407 does not affect BellSoft software

Bulletin has no description...

SUSE CVE-2017-7407

The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a...

Mageia: Security Advisory (MGASA-2018-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1043-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1042-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1172)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1697)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : curl (EulerOS-SA-2019-1697)

According to the version of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive...

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

USN-3441-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

USN-3441-1: curl vulnerabilities

Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-9586...

SUSE SLES11 Security Update : curl (SUSE-SU-2017:2312-1)

This update for curl fixes the following issues : - CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service bsc1051644 - CVE-2017-7407: ourWriteOut function problem could lead to a heap buffer over-read bsc1032309 - CVE-2016-9586: libcurl printf issue could lead...

Amazon Linux AMI : curl (ALAS-2017-850)

The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a certain character, which leads t...

openSUSE Security Update : curl (openSUSE-2017-513)

This update for curl fixes the following issues : Security issue fixed : - CVE-2016-9586: libcurl printf floating point buffer overflow bsc1015332 - CVE-2017-7407: The ourWriteOut function in toolwriteout.c in curl might have allowed physically proximate attackers to obtain sensitive information...

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2017:1042-1)

This update for curl fixes the following issues: Security issue fixed : - CVE-2016-9586: libcurl printf floating point buffer overflow bsc1015332 - CVE-2017-7407: The ourWriteOut function in toolwriteout.c in curl might have allowed physically proximate attackers to obtain sensitive information...

SUSE SLES11 Security Update : curl (SUSE-SU-2017:1043-1)

This update for curl fixes the following issues: These security issues were fixed : - CVE-2016-9586: libcurl printf floating point buffer overflow bsc1015332 - CVE-2017-7407: The ourWriteOut function in toolwriteout.c in curl might have allowed physically proximate attackers to obtain sensitive...