Slackware: Security Advisory (SSA:2014-044-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : curl (EulerOS-SA-2019-1696)

According to the version of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy...

EulerOS 2.0 SP5 : curl (EulerOS-SA-2019-1665)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process...

Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection

Summary The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security vulnerabilities have been discovered in libcurl used with IBM Security Network Protection. Vulnerability Details CVEID:...

SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2017:1384-1)

This update for java-170-ibm fixes the following issues: Version update to 7.0-10.5 bsc1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ...

openSUSE Security Update : curl (openSUSE-2016-153)

This update for curl fixes the following issues : - CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer bsc962983 The following tracked bugs only affect the te...

openSUSE Security Update : curl (openSUSE-2016-152)

This update for curl fixes the following issues : - CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer bsc962983 The following non-security bugs were fixed : ...

lib32-curl: authentication bypass

A vulnerability was found in a way libcurl uses NTLM-authenticated proxy connections. Libcurl will reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. Since NTLM-based authentication is...

CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

Debian DLA-211-1 : curl security update

Several vulnerabilities were discovered in cURL, an URL transfer library : CVE-2015-3143 NTLM-authenticated connections could be wrongly reused for requests without any credentials set, leading to HTTP requests being sent over the connection authenticated as a different user. This is similar to t...

Debian DSA-3232-1 : curl - security update

Several vulnerabilities were discovered in cURL, an URL transfer library : - CVE-2015-3143 NTLM-authenticated connections could be wrongly reused for requests without any credentials set, leading to HTTP requests being sent over the connection authenticated as a different user. This is similar to...

DSA-3232-1 curl - security update

Bulletin has no description...