Lucene search
K

38 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks th...

7.5CVSS6.6AI score0.08465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.37 views

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

10CVSS7AI score0.86006EPSS
Exploits0References89
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.5 views

SUSE CVE-2017-1000254

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...

3.7CVSS7.2AI score0.08465EPSS
Exploits0References24
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.72 views

Mageia: Security Advisory (MGASA-2018-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.11175EPSS
Exploits0References21
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2018-0054)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.11175EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2017:3176-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.08465EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2017-1287)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.08465EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.38 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2017-1288)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.08465EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1330)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.12058EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/10/10 10:51 a.m.26 views

CVE-2017-1000254

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...

7.5CVSS0.1AI score0.08465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.58 views

Photon OS 2.0: Curl PHSA-2017-0045

An update of the curl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0045. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121761;...

7.5CVSS6.8AI score0.08465EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/13 8:36 a.m.509 views

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

10CVSS7AI score0.86006EPSS
Exploits0References49
OpenVAS
OpenVAS
added 2018/09/22 12:0 a.m.30 views

Fedora Update for curl FEDORA-2018-ba443bcb6d

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.12058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.27 views

Fedora 27 : curl (2017-e8179c06fd)

fix out of bounds read in FTP PWD response parser CVE-2017-1000254 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS6.3AI score0.08465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/04 12:0 a.m.40 views

SUSE SLES11 Security Update : curl (SUSE-SU-2017:3176-1)

This update for curl fixes the following security issues : - CVE-2017-1000254: FTP PWD response parser out of bounds read bsc1061876 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

7.5CVSS6.4AI score0.08465EPSS
Exploits0References4
OSV
OSV
added 2017/12/01 2:3 p.m.3 views

SUSE-SU-2017:3176-1 Security update for curl

This update for curl fixes the following security issues: - CVE-2017-1000254: FTP PWD response parser out of bounds read bsc1061876...

7.5CVSS7.6AI score0.08465EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.34 views

EulerOS 2.0 SP1 : curl (EulerOS-SA-2017-1287)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not,...

7.5CVSS6.8AI score0.08465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/11/06 12:0 a.m.47 views

Amazon Linux AMI : curl (ALAS-2017-919)

FTP PWD response parser out of bounds read libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257...

7.5CVSS6.7AI score0.08465EPSS
Exploits0References2
Amazon
Amazon
added 2017/11/02 12:0 a.m.27 views

Medium: curl

Issue Overview: FTP PWD response parser out of bounds read libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then...

7.5CVSS8.3AI score0.08465EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2017/11/01 12:0 a.m.63 views

USN-3441-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

8.1CVSS7.8AI score0.08465EPSS
Exploits0
Rows per page
Query Builder