42 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-0015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent...
SUSE CVE-2014-0015
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request...
Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
Summary Security vulnerabilities have been discovered in curl and php5 that are used in IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2013-2174 DESCRIPTION: cURL/libcURL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...
Mageia: Security Advisory (MGASA-2014-0153)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0175-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0175-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0171-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139)
Summary Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Vulnerability Details Abstract Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Content Vulnerability Details:...
Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)
Summary Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details Abstract Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details CVE-ID: CVE-2014-2653...
Security Bulletin: IBM ToolsCenter is affected by several cURL potential vulnerabilities (CVE-2014-0015, CVE-2014-0139, CVE-2014-0138, CVE-2014-2522)
Summary Security vulnerabilities have been discovered in cURL that were reported in January and March of 2014 by the cURL project. Vulnerability Details Abstract Security vulnerabilities have been discovered in cURL that were reported in January and March of 2014 by the cURL project. Content...
F5 Networks BIG-IP : cURL and libcurl vulnerability (K16704)
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. CVE-2015-3143 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
Juniper Networks Junos OS Multiple cURL and libcurl Vulnerabilities
Junos OS is prone to multiple vulnerabilities in cURL and libcurl. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"...
Design/Logic Flaw
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...
CVE-2016-0755
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...
VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012)
The remote VMware ESXi host is affected by multiple vulnerabilities : - Multiple denial of service vulnerabilities exist in Python function readstatus in library httplib and in function readline in libraries smtplib, ftplib, nntplib, imaplib, and poplib. A remote attacker can exploit these...
Amazon Linux: Security Advisory (ALAS-2014-295)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for curl FEDORA-2015-6712
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-3143
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015...
CVE-2015-3143
The connected documents provide concrete details for CVE-2015-3143: in curl and libcurl, versions 7.10.6 through 7.41.0 failed to properly re-use NTLM connections, enabling a remote attacker to connect as another user via an unauthenticated request (NTLM/Negotiate authentication interaction). Thi...
Fedora Update for curl FEDORA-2014-16690
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...