Alibaba Cloud Linux 3 : 0078: curl (ALINUX3-SA-2021:0078)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0078 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3822: libcurl versions from 7.36....

BELL-CVE-2019-3822 CVE-2019-3822 does not affect BellSoft software

Bulletin has no description...

K84141449: MySQL vulnerabilities CVE-2019-2830, CVE-2019-2834, and CVE-2019-3822

Security Advisory Description CVE-2019-2830 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

SUSE CVE-2019-3822

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists ...

SUSE: Security Advisory (SUSE-SU-2019:0249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0339-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : curl (CESA-2019:3701)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...

Photon OS 1.0: Curl PHSA-2019-1.0-0209

An update of the curl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0209. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid133296;...

Haxx Libcurl NTLM Buffer Overflow (CVE-2019-3822)

A buffer overflow vulnerability exists in Haxx Libcurl. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

curl security and bug fix update

7.61.1-11 - rebuild with updated annobin to prevent Execshield RPMDiff check from failing 7.61.1-10 - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2 out-of-bounds buffer read CVE-2018-16890 - xattr: strip...

RHEL 8 : curl (RHSA-2019:3701)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3701 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

Amazon Linux AMI : mysql57 (ALAS-2019-1297)

A stack-based buffer overflow vulnerability in the 'Server: Packaging cURL' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server. CVE-2019-3822 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: XML...

Medium: mysql57

Issue Overview: A stack-based buffer overflow vulnerability in the 'Server: Packaging cURL' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server. CVE-2019-3822 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent...

MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.27. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory: - A stack-based buffer overflow vulnerability in the 'Serve...

Oracle Enterprise Manager Ops Center (Jul 2019 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - An unspecified vulnerability in Networking cURL subcomponent of Oracle Enterprise Manager Ops Center, which could allow an...

Fedora Update for curl FEDORA-2019-697de0501f

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Fusion Middleware Oracle HTTP Server (Apr 2019 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by a stack-based buffer overflow as noted in the April 2019 CPU advisory. The condition exists in the included cURL library due to using unsigned math when preventing the overflow. An unauthenticated, remote attacker can...

openSUSE: Security Advisory for curl (openSUSE-SU-2019:0174-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for curl (openSUSE-SU-2019:0173-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : curl (openSUSE-2019-173)

This update for curl fixes the following issues : Security issues fixed : - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...