22 matches found
RHEL 6 / 7 : httpd24 (RHSA-2018:3558)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...
Mageia: Security Advisory (MGASA-2017-0281)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0053)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2701-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 2.0: Curl PHSA-2017-0045
An update of the curl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0045. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121761;...
Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update
An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
USN-3441-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...
USN-3441-1: curl vulnerabilities
Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-9586...
Debian DSA-3992-1 : curl - security update
Several vulnerabilities have been discovered in cURL, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-1000100 Even Rouault reported that cURL does not properly handle long file names when doing an TFTP upload. A malicious...
[SECURITY] [DSA 3992-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3992-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 06, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3992-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3992-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 06, 2017 https://www.debian.org/security/faq -...
CVE-2017-1000101
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...
CVE-2017-1000101
CVE-2017-1000101 is supported by multiple sources in the Connected documents, which provide concrete technical details. The flaw exists in curl’s URL globbing logic for numerical ranges: the parsing omission can cause curl to read beyond the end of the URL, storing the URL in a heap-allocated buf...
CVE-2017-1000101
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...
UBUNTU-CVE-2017-1000101
curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...
[ASA-201708-16] curl: information disclosure
Arch Linux Security Advisory ASA-201708-16 ========================================== Severity: Medium Date : 2017-08-22 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 Package : curl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-370 Summary...
openSUSE Security Update : curl (openSUSE-2017-951)
This update for curl fixes the following issues : - CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service bsc1051644 - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service bsc1051643 This update was imported from the...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2017:2174-1)
This update for curl fixes the following issues : - CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service bsc1051644 - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service bsc1051643 Note that Tenable Network Security has extract...
Fedora 26 : curl (2017-f1ffd18079)
Security fixes for CVE-2017-1000100 and CVE-2017-1000101 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...