132 matches found
Internet Bug Bounty: CVE-2023-27533: TELNET option IAC injection
A vulnerability CVE-2023-27533 was found in curl versions 7.7 to 7.88.1 that allowed users to pass on user name and "telnet options" for server negotiation without proper input scrubbing, potentially allowing for the injection of unintended TELNET commands to the telnet connection. The severity o...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2023-079-01)
The version of curl installed on the remote host is prior to 8.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-079-01 advisory. - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker t...
curl -- multiple vulnerabilities
Harry Sintonen reports: CVE-2023-27533 curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl...
curl: CVE-2023-27533: Telnet option IAC injection
A vulnerability existed in the CURLOPTTELNETOPTIONS option of the cURL library, which allowed an attacker to inject unintended TELNET commands to the telnet connection by escaping out of the telnet subnegotiation. This could allow the attacker to execute arbitrary OS commands on the target system...
SUSE CVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a 1 telnet, 2 rlogin, 3 ssh, or 4 mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files...
SUSE CVE-2022-42915
curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...
AZL-13284 CVE-2022-43552 affecting package curl for versions less than 7.86.0-3
A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...
AZL-13280 CVE-2022-43552 affecting package cmake for versions less than 3.21.4-13
A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...
DEBIAN-CVE-2022-43552
A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...
OESA-2023-1007 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP...
OESA-2023-1005 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP...
PT-2022-7575 · Curl +11 · Curl +11
Name of the Vulnerable Software and Affected Versions: curl versions prior to 7.87.0 Description: A use after free vulnerability exists in curl. The issue arises when curl is asked to tunnel virtually all protocols it supports through an HTTP proxy, and the proxy denies such tunnel operations for...
HTTP proxy double free
If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of protocol through. An HTTP proxy might refuse this request HTTP proxies often only allow outgoing...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
CVE-2021-40113
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...
Command injection
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...
Command injection
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...
CVE-2021-40113 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...
CVE-2021-40112 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...
CVE-2021-40112 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...