Linux Distros Unpatched Vulnerability : CVE-2016-8619

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free. CVE-2016-8619 Note that Nessus relies on the presence of...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

curl security update

7.29.0-59.0.3.el79.2 - load CA certificates even with --insecure Orabug: 32836997 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers...

Debian: Security Advisory (DLA-711-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K46123931: cURL and libcurl vulnerability CVE-2016-8619

Security Advisory Description The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free. CVE-2016-8619 Impact An attacker may use this vulnerability to exploit the usage of the cURL command with Kerberos authentication on custom BIG-IP monitors and/or t...

Slackware: Security Advisory (SSA:2016-308-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

curl security update

7.29.0-59.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2017-1035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

curl security and bug fix update

7.29.0-51.0.1.el76.3 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison https://curl.haxx.se/docs/CVE-2016-8616.html - CVE-2016-8617 OOB write via unchecked...

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

CVE-2016-8619

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...

CVE-2016-8619

CVE-2016-8619 affects curl, where the Kerberos authentication path reads length fields and realloc() may be called with 0, leading to a memory double-free. This issue is documented across multiple sources (Debian DSA-3705-1 and ALAS-2016-766), identifying the vulnerable code path as read_data() i...

CVE-2016-8619

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...

CVE-2016-8619

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...

Updated curl packages fix security vulnerability

If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. The issue pertains to the function that loads cookies into memory, which reads the specified file...

F5 Networks BIG-IP : cURL and libcurl vulnerability (K46123931)

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free.CVE-2016-8619 Impact An attacker may use this vulnerability to exploit the usage of the cURL command with Kerberos authentication on custom BIG-IP monitors and/or the command line. C Tenable...

EulerOS 2.0 SP1 : curl (EulerOS-SA-2017-1036)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflows in the 1 curlescape, 2 curleasyescape, 3 curlunescape, and 4 curleasyunescape functions in libcurl before 7.50.3 allow...

EulerOS 2.0 SP2 : curl (EulerOS-SA-2017-1035)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflows in the 1 curlescape, 2 curleasyescape, 3 curlunescape, and 4 curleasyunescape functions in libcurl before 7.50.3 allow...

openSUSE Security Update : curl (openSUSE-2016-1280)

This update for curl fixes the following security issues : - CVE-2016-8624: invalid URL parsing with '' bsc1005646 - CVE-2016-8623: Use-after-free via shared cookies bsc1005645 - CVE-2016-8622: URL unescape heap overflow via integer truncation bsc1005643 - CVE-2016-8621: curlgetdate read out of...