2975 matches found
Design/Logic Flaw
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...
CVE-2009-2417
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...
CVE-2009-2417
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...
CVE-2009-2417
CVE-2009-2417 affects lib/ssluse.c in curl/libcurl 7.4–7.19.5 when OpenSSL is used. The flaw is that a '�' character in the X.509 certificate CN may bypass domain-name checks, enabling MITM spoofing of SSL servers via certificates from a trusted CA. Impact and exploitability are described in the ...
curl security update
CentOS Errata and Security Advisory CESA-2009:1209 Updated curl packages that fix security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cURL is a tool for getting files from...
PHP cURL safe_mode和open_basedir绕过安全限制漏洞
BUGTRAQ ID: 34475 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP支持libcurl库,用户可以使用各种类型的协议连接到不同类型的服务器。curl函数在检查safemode和openbasedir限制时存在漏洞,可能允许用户绕过安全限制执行非授权操作。例如对于以下代码: curlsetopt$ch, CURLOPTURL, "file:file:////etc/passwd"; curl首先对以下内容检查safemode和openbasedir: "file:////etc/passwd" 接下来读取:...
PHP 5.2.9 curl safe_mode & open_basedir bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.9 curl safemode & openbasedir bypass Author: Maksymilian Arciemowicz http://SecurityReason.com Date: - - Dis.: 31.12.2008 - - Pub.: 10.04.2009 Original URL: http://securityreason.com/achievementsecurityalert/61 - --- 0.Description --- PHP is a...
curl security update
CentOS Errata and Security Advisory CESA-2009:0341-01 Updated curl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cURL is a tool for getting...
Debian Security Advisory DSA 1738-1 (curl)
The remote host is missing an update to curl announced via advisory DSA 1738-1. OpenVAS Vulnerability Test $Id: deb17381.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1738-1 curl Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
RedHat Security Advisory RHSA-2009:0341
The remote host is missing updates announced in advisory RHSA-2009:0341. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. David Kierznowski...
RedHat Security Advisory RHSA-2009:0341
The remote host is missing updates announced in advisory RHSA-2009:0341. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. David Kierznowski...
RHEL 2.1 / 3 / 4 / 5 : curl (RHSA-2009:0341)
Updated curl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers,...
curl security update
CentOS Errata and Security Advisory CESA-2009:0341 Updated curl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cURL is a tool for getting files...
curl: local file access via unsafe redirects
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
Debian: Security Advisory (DSA-1738-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1738-1 : curl - arbitrary file access
David Kierznowski discovered that libcurl, a multi-protocol file transfer library, when configured to follow URL redirects automatically, does not question the new target location. As libcurl also supports file:// and scp:// URLs - depending on the setup - an untrusted server could use that to...
DSA-1738-1 curl - arbitrary file access
Bulletin has no description...
CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
Design/Logic Flaw
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...