35 matches found
Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
Summary Security vulnerabilities have been discovered in curl and php5 that are used in IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2013-2174 DESCRIPTION: cURL/libcURL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...
SUSE: Security Advisory (SUSE-SU-2013:1166-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1166-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)
Summary Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details Abstract Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details CVE-ID: CVE-2014-2653...
Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139)
Summary Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Vulnerability Details Abstract Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Content Vulnerability Details:...
Gentoo Security Advisory GLSA 201401-14
Gentoo Linux Local Security Checks GLSA 201401-14 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Fedora Update for curl FEDORA-2014-16690
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for curl FEDORA-2014-10714
Check the version of curl SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868370";...
Fedora Update for curl FEDORA-2014-4449
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for curl FEDORA-2014-1864
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-2174
Heap-based buffer overflow in the curleasyunescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted string ending in a "%" percent character...
CVE-2013-2174
CVE-2013-2174 : A heap-based buffer overflow in curl_easy_unescape() (lib/escape.c) in curl/libcurl, affecting 7.7–7.30.0, can cause remote crashes or arbitrary code execution via a crafted string ending in “%”. Connected IBM PSIRTs/IMM advisories corroborate the issue and map affected IMM firmwa...
SuSE 11.3 Security Update : curl (SAT Patch Number 7932)
This update of curl fixes a security issue in libcurl URL buffer decoding. bnc824517 / CVE-2013-2174 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell,...
Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora Update for curl FEDORA-2013-11574
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : curl-7.27.0-11.fc18 (2013-11574)
CVE-2013-2174 - fix heap-based buffer overflow in curleasyunescape Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Oracle Linux 5 / 6 : curl (ELSA-2013-0983)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0983 advisory. 7.19.7-37 - fix heap-based buffer overflow in curleasyunescape CVE-2013-2174 Tenable has extracted the preceding description block directly from the Oracle...
SuSE 10 Security Update : curl (ZYPP Patch Number 8614)
This update of curl fixes several security issues. - libcurl URL decode buffer boundary flaw bnc824517 / CVE-2013-2174 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
SuSE 10 Security Update : libcurl4 (ZYPP Patch Number 8618) (BEAST)
This update of curl fixes several security issues : - libcurl URL decode buffer boundary flaw. bnc824517 / CVE-2013-2174 - cookie domain tailmatch. bnc814655 / CVE-2013-1944 - curl sets SSLOPALL. bnc742306 / CVE-2011-3389 - When SSLOPNETSCAPEREUSECIPHERCHANGEBUG is enabled, does not properly...
SuSE 11.2 Security Update : curl (SAT Patch Number 7867)
This update of curl fixes several security issues : - libcurl URL decode buffer boundary flaw bnc824517 / CVE-2013-2174 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...