15 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy...
Security Bulletin: Vulnerabilities in curl affect Power Hardware Management Console (CVE-2015-3143 CVE-2015-3148 CVE-2015-3153 CVE-2014-3613 CVE-2014-3707 CVE-2014-8150)
Summary curl is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3143 DESCRIPTION: libcurl could allow a remote attacker from within the local network to bypass security restrictions, caused by the re-use of recently...
Advisory ROSA-SA-2021-1818
Software: curl 7.29.0 OS: Cobalt 7.9 CVE-ID: CVE-2013-4545 CVE-Crit: CRITICAL CVE-DESC: cURL and libcurl from 7.18.0 through 7.32.0 when built with OpenSSL disables validation of CN and SAN certificate name fields CURLOPTSSLVERIFYHOST when digital signature validation CURLOPTSSLVERIFYPEER is...
SUSE: Security Advisory (SUSE-SU-2015:0962-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in libcurl and cURL affect Rational DOORS (CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3153, CVE-2015-3236)
Summary Vulnerabilities in libcurl and cURL affect Rational DOORS. Vulnerability Details CVEID: CVE-2015-3143 DESCRIPTION: libcurl could allow a remote attacker from within the local network to bypass security restrictions, caused by the re-use of recently authenticated connections. By sending a...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2410)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2566)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : curl (EulerOS-SA-2019-2566)
According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow...
Security Bulletin: Multiple vulnerabilities affect IBM Flex System Chassis Management Module
Summary The following curl, glibc, php and OpenSSL vulnerabilities, as well as MD5 "SLOTH" vulnerability on TLS 1.2, affect IBM Flex System Chassis Management Module. Vulnerability Details Summary The following curl, glibc, php and OpenSSL vulnerabilities, as well as MD5 "SLOTH" vulnerability on...
Security Bulletin: Vulnerability in cURL component shipped with IBM Rational ClearCase (CVE-2015-3153)
Summary IBM Rational ClearCase is affected by a cURL/libcURL CURLOPTHTTPHEADER information disclosure vulnerability. Vulnerability Details CVEID: CVE-2015-3153 DESCRIPTION: cURL/libcURL could allow a remote attacker to obtain sensitive information, caused by custom HTTP headers with sensitive...
Juniper Networks Junos OS Multiple cURL and libcurl Vulnerabilities
Junos OS is prone to multiple vulnerabilities in cURL and libcurl. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2015:0990-1)
curl was updated to fix five security issues. The following vulnerabilities were fixed : - CVE-2015-3143: curl could re-use NTML authenticateds connections - CVE-2015-3144: curl could access memory out of bounds with zero length host names - CVE-2015-3145: curl cookie parser could access memory o...
openSUSE Security Update : curl (openSUSE-2015-356)
curl was updated to 7.42.1 to fix one security issue. The following vulnerability was fixed : - CVE-2015-3153: curl could have sent sensitive HTTP headers also to proxies bnc928533 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[USN-2591-1] curl vulnerabilities
========================================================================== Ubuntu Security Notice USN-2591-1 April 30, 2015 curl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
CVE-2015-3153
Technical details for CVE-2015-3153 are not provided in the connected documents. Monitor for updates; the available material only includes the initial summary of impact without vendor/product specifics.