Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.25 views

Slackware: Security Advisory (SSA:2015-302-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS9AI score0.3763EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:21 p.m.29 views

Security Bulletin: A vulnerability in libcURL affects IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2015-3237)

Summary A vulnerability in libcURL was disclosed on September 10, 2015 by the cURL open source team as a fix in libcURL 7.43. libcURL 7.47.1, used by IBM Tivoli Netcool System Service Monitors/Application Service Monitors, has addressed the vulnerability. Vulnerability Details CVE-ID: CVE-2015-32...

6.4CVSS0.9AI score0.09334EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/20 12:0 a.m.557 views

Oracle GlassFish Server 3.1.2.x < 3.1.2.15 Multiple Vulnerabilities (July 2016 CPU)

According to its self-reported version number, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.15. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the bundled version of libcurl in the smbrequeststate...

10CVSS8.6AI score0.09334EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/10/30 12:0 a.m.30 views

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : curl (SSA:2015-302-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-302-01. The text itsel...

9CVSS7.5AI score0.3763EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.35 views

Gentoo Security Advisory GLSA 201509-02

Gentoo Linux Local Security Checks GLSA 201509-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

9CVSS7.5AI score0.3763EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.32 views

Amazon Linux: Security Advisory (ALAS-2015-551)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS8.7AI score0.09334EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.32 views

Fedora Update for curl FEDORA-2015-10155

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS9.5AI score0.09334EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.32 views

Fedora 22 : curl-7.40.0-5.fc22 (2015-10155)

implement public key pinning for NSS backend 1195771 - fix lingering HTTP credentials in connection re-use CVE-2015-3236 - prevent SMB from sending off unrelated memory contents CVE-2015-3237 - curl-config --libs now works on x8664 without libcurl-devel.x8664 1228363 Note that Tenable Network...

6.4CVSS8AI score0.09334EPSS
Exploits0References5
CVE
CVE
added 2015/06/22 7:0 p.m.128 views

CVE-2015-3237

The CVE-2015-3237 issue affects curl/libcurl 7.40.0–7.42.1. In the smb_request_state() handler, two length and offset values parsed from network data are used without proper boundary checks, enabling a remote SMB server to read memory contents or trigger a crash. Impacts include information discl...

6.4CVSS8.1AI score0.09334EPSS
Exploits0References11Affected Software2
Debian CVE
Debian CVE
added 2015/06/22 7:0 p.m.42 views

CVE-2015-3237

The smbrequeststate function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service out-of-bounds read and crash via crafted length and offset values...

6.4CVSS9.3AI score0.09334EPSS
Exploits0
Kaspersky
Kaspersky
added 2015/06/22 12:0 a.m.54 views

KLA10618 Information disclosure vulnerability in cURL

Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability related to SMB can be exploited remotely via specially designed length and offset...

6.4CVSS9AI score0.09334EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2015/06/22 12:0 a.m.49 views

curl: information leakage

CVE-2015-3236 lingering HTTP credentials in connection re-use: libcurl can wrongly send HTTP credentials when re-using connections. libcurl allows applications to set credentials for the upcoming transfer with HTTP Basic authentication, like with CURLOPTUSERPWD for example. Name and password...

6.4CVSS0.1AI score0.09334EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2015/06/19 12:0 a.m.30 views

Security fix for the ALT Linux 8 package curl version 7.43.0-alt1

June 19, 2015 Anton Farygin 7.43.0-alt1 - new version, with fixes for CVE-2015-3236, CVE-2015-3237...

6.4CVSS7.1AI score0.09334EPSS
Exploits0
Amazon
Amazon
added 2015/06/18 12:0 a.m.45 views

Medium: curl

Issue Overview: As discussed upstream http://curl.haxx.se/docs/adv20150617A.html, libcurl can wrongly send HTTP credentials when re-using connections. CVE-2015-3236 Also discussed upstream http://curl.haxx.se/docs/adv20150617B.html, libcurl can get tricked by a malicious SMB server to send off da...

6.4CVSS8.9AI score0.09334EPSS
Exploits0
Rows per page
Query Builder