Download
| Alert*
|
oval:org.secpod.oval:def:602348
Isaac Boukris discovered that cURL, an URL transfer library, reused NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for the new transfer. This could lead to HTTP requests being sent over the connection authentic ... oval:org.secpod.oval:def:1600347 The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015 oval:org.secpod.oval:def:52684 curl: HTTP, HTTPS, and FTP client and client libraries curl would incorrectly re-use credentials. oval:org.secpod.oval:def:37307 The host is installed with Apple Mac OS X or Server 10.11.6 and is prone to multiple security information disclosure vulnerability. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to compromise securit ... oval:org.secpod.oval:def:89045313 This update for curl fixes the following issues: - CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer The following non-security bugs were fixed: - bsc#926511: ... oval:org.secpod.oval:def:110156 cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP ... oval:org.secpod.oval:def:110120 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:110153 cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP ... oval:org.secpod.oval:def:110093 curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ... oval:org.secpod.oval:def:702946 curl: HTTP, HTTPS, and FTP client and client libraries curl would incorrectly re-use credentials. oval:org.secpod.oval:def:37306 The host is missing a critical security update according to Apple advisory, APPLE-SA-2016-09-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arb ... |
