8 matches found
EulerOS 2.0 SP5 : curl (EulerOS-SA-2022-1265)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this wa...
F5 Networks BIG-IP : cURL vulnerability (K63525058)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K63525058 advisory. - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP...
EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1711)
According to the version of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port,...
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...
Code injection
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...
CVE-2020-8284
CVE-2020-8284 affects curl's handling of FTP PASV responses, enabling a malicious FTP server to coax curl into connecting to an attacker-controlled IP/port and potentially reveal private services (port scanning, banner extraction). Affects curl prior to patched versions; multiple advisories refer...
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...