6 matches found
EulerOS Virtualization 3.0.1.0 : curl (EulerOS-SA-2019-1549)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldapgetattributeber function. A...
Amazon Linux 2 : curl (ALAS-2019-1162)
libcurl is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM serv...
MGASA-2018-0054 Updated curl packages fix security vulnerability
libcurl contains a buffer overrun flaw in the NTLM authentication code CVE-2017-8816. libcurl contains a read out of bounds flaw in the FTP wildcard function CVE-2017-8817. libcurl may read outside of a heap allocated buffer when doing FTP CVE-2017-1000254. libcurl contains a buffer overrun flaw ...
Haxx curl and libcurl denial of service vulnerabilities
Haxx curl and libcurl are both products of the Swedish company Haxx. curl is a set of file transfer tools that utilize URL syntax to work at the command line. libcurl is a free, open source client-side URL transfer library. A denial of service vulnerability exists in the FTP wildcard function in...
CVE-2017-8817
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibly have unspecified other impact via a string that ends with an '' character...
CVE-2017-8817
The CVE-2017-8817 issue is a read-out-of-bounds in libcurl’s FTP wildcard function that occurs when a path ends with an opening bracket [, affecting curl/libcurl versions earlier than 7.57.0. This can lead to a crash and potential information leakage. Amazon Linux 2 and other advisories (ALAS-201...