122 matches found
AZL-25804 CVE-2023-27533 affecting package mysql for versions less than 8.0.34-1
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
DEBIAN-CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
ALPINE-CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
AZL-25783 CVE-2023-27533 affecting package cmake for versions less than 3.21.4-12
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
Input validation
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CVE-2023-27533
CVE-2023-27533 is a curl <8.0 TELNET input-validation vulnerability. The issue arises during Telnet option negotiation when user-supplied data (username and telnet options) is not properly scrubbed, allowing an attacker to send content or negotiate options contrary to the application's intent....
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2023:1582-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1582-1 advisory. - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET...
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
SUSE CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
CURL-CVE-2023-27533 TELNET option IAC injection
curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on username and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl would pass on username and telnet options ...
Internet Bug Bounty: CVE-2023-27533: TELNET option IAC injection
A vulnerability CVE-2023-27533 was found in curl versions 7.7 to 7.88.1 that allowed users to pass on user name and "telnet options" for server negotiation without proper input scrubbing, potentially allowing for the injection of unintended TELNET commands to the telnet connection. The severity o...
curl -- multiple vulnerabilities
Harry Sintonen reports: CVE-2023-27533 curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2023-079-01)
The version of curl installed on the remote host is prior to 8.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-079-01 advisory. - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker t...
curl: CVE-2023-27533: Telnet option IAC injection
A vulnerability existed in the CURLOPTTELNETOPTIONS option of the cURL library, which allowed an attacker to inject unintended TELNET commands to the telnet connection by escaping out of the telnet subnegotiation. This could allow the attacker to execute arbitrary OS commands on the target system...
SUSE CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a 1 telnet, 2 rlogin, 3 ssh, or 4 mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files...