29 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-8817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash or...
RHEL 6 / 7 : httpd24 (RHSA-2018:3558)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...
Mageia: Security Advisory (MGASA-2018-0053)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0054)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0122-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1039)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1330)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update
An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Fedora Update for curl FEDORA-2018-ba443bcb6d
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 2.0 : Linux / Postgresql / Binutils / Curl / Libtiff (PhotonOS-PHSA-2018-2.0-0016) (deprecated)
An update of 'linux', 'curl', 'binutils', 'postgresql', 'libtiff' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0016. The...
EulerOS 2.0 SP1 : curl (EulerOS-SA-2018-1039)
According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service out-of-bounds read and application...
About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan This document describes the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan. About Apple securi...
openSUSE Security Update : curl (openSUSE-2018-56)
This update for curl fixes the following issues : Security issues fixed : - CVE-2017-8816: Buffer overrun flaw in the NTLM authentication code bsc1069226. - CVE-2017-8817: Read out of bounds flaw in the FTP wildcard function bsc1069222. This update was imported from the SUSE:SLE-12:Update update...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:0122-1)
This update for curl fixes the following issues: Security issues fixed : - CVE-2017-8816: Buffer overrun flaw in the NTLM authentication code bsc1069226. - CVE-2017-8817: Read out of bounds flaw in the FTP wildcard function bsc1069222. Note that Tenable Network Security has extracted the precedin...
SUSE-SU-2018:0122-1 Security update for curl
This update for curl fixes the following issues: Security issues fixed: - CVE-2017-8816: Buffer overrun flaw in the NTLM authentication code bsc1069226. - CVE-2017-8817: Read out of bounds flaw in the FTP wildcard function bsc1069222...
Fedora 27 : curl (2017-45bdf4dace)
fix NTLM buffer overflow via integer overflow CVE-2017-8816 - fix FTP wildcard out of bounds read CVE-2017-8817 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...
Amazon Linux AMI : curl (ALAS-2018-938)
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service integer overflow and resultant buffer overflow, and application crash or possibly have unspecified other impact via vectors involving long user and password fields...
Fedora 26 : curl (2017-0c062324cd)
fix NTLM buffer overflow via integer overflow CVE-2017-8816 - fix FTP wildcard out of bounds read CVE-2017-8817 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...
Security fix for the ALT Linux 8 package curl version 7.57.0-alt1
Dec. 1, 2017 Anton Farygin 7.57.0-alt1 - new version - fixes: CVE-2017-8818 SSL out of buffer access CVE-2017-8817 FTP wildcard out of bounds read CVE-2017-8816 NTLM buffer overflow via integer overflow...
Debian DLA-1195-1 : curl security update
CVE-2017-8817 Fuzzing by the OSS-Fuzz project led to the discovery of a read out of bounds flaw in the FTP wildcard function in libcurl. A malicious server could redirect a libcurl-based client to an URL using a wildcard pattern, triggering the out-of-bound read. For Debian 7 'Wheezy', these...