ALT-PU-2017-2736-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2017-8816
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
- http://security.cucumberlinux.com/security/details.php?id=161
- http://security.cucumberlinux.com/security/details.php?id=161
- 101998
- 101998
- 1039896
- 1039896
- 1040608
- 1040608
- RHSA-2018:3558
- RHSA-2018:3558
- https://curl.haxx.se/docs/adv_2017-12e7.html
- https://curl.haxx.se/docs/adv_2017-12e7.html
- GLSA-201712-04
- GLSA-201712-04
- DSA-4051
- DSA-4051
Modified: 2024-11-21
CVE-2017-8817
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
- http://security.cucumberlinux.com/security/details.php?id=162
- http://security.cucumberlinux.com/security/details.php?id=162
- 102057
- 102057
- 1039897
- 1039897
- RHSA-2018:3558
- RHSA-2018:3558
- https://curl.haxx.se/docs/adv_2017-ae72.html
- https://curl.haxx.se/docs/adv_2017-ae72.html
- [debian-lts-announce] 20171130 [SECURITY] [DLA 1195-1] curl security update
- [debian-lts-announce] 20171130 [SECURITY] [DLA 1195-1] curl security update
- GLSA-201712-04
- GLSA-201712-04
- DSA-4051
- DSA-4051
Modified: 2024-11-21
CVE-2017-8818
curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.