29 matches found
BELL-CVE-2018-16890 CVE-2018-16890 does not affect BellSoft software
Bulletin has no description...
SUSE CVE-2018-16890
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that...
SUSE: Security Advisory (SUSE-SU-2019:0339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0249-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : curl (CESA-2019:3701)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...
curl security and bug fix update
7.61.1-11 - rebuild with updated annobin to prevent Execshield RPMDiff check from failing 7.61.1-10 - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2 out-of-bounds buffer read CVE-2018-16890 - xattr: strip...
RHEL 8 : curl (RHSA-2019:3701)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3701 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...
Fedora Update for curl FEDORA-2019-697de0501f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for curl (openSUSE-SU-2019:0174-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for curl (openSUSE-SU-2019:0173-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : curl (openSUSE-2019-173)
This update for curl fixes the following issues : Security issues fixed : - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)
This update for curl fixes the following issues : Security issues fixed : CVE-2019-3822: Fixed a NTLMv2 type-3 header stack-based buffer overflow bsc1123377. CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response bsc1123378. CVE-2018-16890: Fixed an out-of-bounds buffer read in NT...
[ASA-201902-12] lib32-libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201902-12 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-875...
[ASA-201902-10] libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201902-10 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-877 Summary...
[ASA-201902-9] curl: arbitrary code execution
Arch Linux Security Advisory ASA-201902-9 ========================================= Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-873 Summary ======= The...
[ASA-201902-11] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201902-11 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-876...
[ASA-201902-13] lib32-curl: arbitrary code execution
Arch Linux Security Advisory ASA-201902-13 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-874 Summary ======...
[SECURITY] [DLA 1672-1] curl security update
Package : curl Version : 7.38.0-4+deb8u14 CVE IDs : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 It was discovered that there were three vulnerabilities in the curl command-line HTTP etc. client: CVE-2018-16890: A heap buffer out-of-bounds read vulnerability in the handling of NTLM type-2 messages...
Security fix for the ALT Linux 8 package curl version 7.64.0-alt1
7.64.0-alt1 built Feb. 8, 2019 Anton Farygin in task 220788 Feb. 6, 2019 Anton Farygin - 7.64.0 - fixes: CVE-2018-16890: NTLM type-2 out-of-bounds buffer read CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow CVE-2019-3823: SMTP end-of-response out-of-bounds read...
Ubuntu: Security Advisory (USN-3882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...