21 matches found
Mageia: Security Advisory (MGASA-2013-0338)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1818
Software: curl 7.29.0 OS: Cobalt 7.9 CVE-ID: CVE-2013-4545 CVE-Crit: CRITICAL CVE-DESC: cURL and libcurl from 7.18.0 through 7.32.0 when built with OpenSSL disables validation of CN and SAN certificate name fields CURLOPTSSLVERIFYHOST when digital signature validation CURLOPTSSLVERIFYPEER is...
SUSE: Security Advisory (SUSE-SU-2014:0002-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2020-1626)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1172)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED11 / SLES11 Security Update : curl (SUSE-SU-2014:0004-1)
This update fixes the following security issues with curl : - bnc849596: ssl cert checks with unclear behaviour CVE-2013-4545 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and...
HP System Management Homepage < 7.4 Multiple Vulnerabilities
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is affected by the following vulnerabilities : - A flaw exists within the included cURL that disables the 'CURLOPTSSLVERIFYHOST' check when the setting on 'CURLOPTSSLVERIFYPEER' ...
[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04463322 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04463322 Version: 1 HPSBMU03112 rev....
Fedora Update for mingw-curl FEDORA-2014-6921
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-curl FEDORA-2014-6912
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : curl (openSUSE-SU-2013:1859-1)
This update fixes the following security issues with curl : - fix CVE-2013-4545 bnc849596 = acknowledge VERIFYHOST without VERIFYPEER %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
SOL15150 - cURL and libcurl vulnerability CVE-2013-4545
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...
Fedora Update for mingw-curl FEDORA-2013-22046
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA10458 Multiple vulnerabilities in HP SMH
Multiple vulnerabilities was found in HP SMH. By exploiting these vulnerabilities malicious users can conduct XSS, CSRF and clicjacking attacks via unspecified vectors. These vulnerabilities can be exploited remotely. Original advisories HP bulletin Related products HP-System-Management-Homepage...
Fedora 20 : mingw-curl-7.33.0-1.fc20 (2013-22046)
Update to 7.33.0 - Fixes CVE-2013-4545, RHBZ 1031429 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 19 : mingw-curl-7.33.0-1.fc19 (2013-21887)
Update to 7.33.0 - Fixes CVE-2013-4545, RHBZ 1031429 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
[ MDVSA-2013:276 ] curl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:276 http://www.mandriva.com/en/support/security/ Package : curl Date : November 21, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated curl packages fix security...
CVE-2013-4545
CVE-2013-4545 affects curl/libcurl 7.18.0–7.32.0 when built with OpenSSL: if CURLOP_SSL_VERIFYPEER is disabled, it also disables CN and SAN verification (CURLOPT_SSL_VERIFYHOST), enabling MITM spoofing with any valid certificate. Connected IBM CS bulletins describe remediation via firmware update...
Mandriva Linux Security Advisory : curl (MDVSA-2013:276)
Updated curl packages fix security vulnerability : Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPTSSLVERIFYHOST check when the CURLOPTSSLVERIFYPEER setting was disabled. This would also disable ssl certificate host name checks when it should have only disabled...
[SECURITY] [DSA 2798-2] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2798-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 20, 2013 http://www.debian.org/security/faq -...