FreeBSD: VID-301A01B7-D50E-11E7-AC58-B499BAEBFEAF (CVE-2017-8816): cURL -- Multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | November 29, 2017 | November 29, 2017 | December 20, 2017 |
Description
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
Solution
freebsd-upgrade-package-curlRelated Vulnerabilities
- SUSE: CVE-2017-8816: SUSE Linux Security Advisory
- Juniper Junos OS: 2018-07 Security Bulletin: Junos OS: cURL: Multiple vulnerabilities in multiple cURL versions (JSA10874) (multiple CVEs)
- Amazon Linux AMI: CVE-2017-8816: Security patch for curl (ALAS-2018-938)
- OS X update for curl (CVE-2017-8816)
- Alpine Linux: CVE-2017-8816: curl Multiple vulnerabilities
- Gentoo Linux: CVE-2017-8816: cURL: Multiple vulnerabilities
- Debian: CVE-2017-8816: curl -- security update
- Ubuntu: USN-3498-1 (CVE-2017-8816): curl vulnerabilities
- Oracle Solaris 11: CVE-2017-8816: Vulnerability in libcurl