Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-919-1:2D6BD
HistoryDec 12, 2005 - 1:03 p.m.

[SECURITY] [DSA 919-1] New curl packages fix potential security problem

2005-12-1213:03:48
lists.debian.org
13

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.7%

JSON

Debian Security Advisory DSA 919-1 [email protected]
http://www.debian.org/security/ Martin Schulze
December 12th, 2005 http://www.debian.org/security/faq

Package : curl
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2005-4077 CVE-2005-3185
BugTraq ID : 15756 15102 15647
Debian Bug : 342339 342696

Several problems were discovered in libcurl, a multi-protocol file
transfer library. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2005-3185

A vulnerability has been discovered a buffer overflow in libcurl
that could allow the execution of arbitrary code.

CVE-2005-4077

Stefan Esser discovered several off-by-one errors that allows
local users to trigger a buffer overflow and cause a denial of
service or bypass PHP security restrictions via certain URLs.

For the old stable distribution (woody) these problems have been fixed in
version 7.9.5-1woody1.

For the stable distribution (sarge) these problems have been fixed in
version 7.13.2-2sarge4. This update also includes a bugfix against
data corruption.

For the unstable distribution (sid) these problems have been fixed in
version 7.15.1-1.

We recommend that you upgrade your libcurl packages.

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1.dsc
  Size/MD5 checksum:      603 c7980d3b9589f2ef20390a70e0b4de74
http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1.diff.gz
  Size/MD5 checksum:    16631 e35ec4ff7161fa158c04c8cbf716d159
http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5.orig.tar.gz
  Size/MD5 checksum:   682397 a4df6bb5aa8962c204e73c8f98077928

Alpha architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_alpha.deb
  Size/MD5 checksum:   118498 584184fdc57b0b302b1c16b293222492
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_alpha.deb
  Size/MD5 checksum:   195922 6a58bcdea99e866fdfbad573b3d6ef8d
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_alpha.deb
  Size/MD5 checksum:   116574 799b6ccd5c223cd8580c8e4fc610fef8

ARM architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_arm.deb
  Size/MD5 checksum:   114452 028489639e478d66a6223c7a2175cac9
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_arm.deb
  Size/MD5 checksum:   172978 ad531498826aaa48ec0e2eb5c2df7207
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_arm.deb
  Size/MD5 checksum:   101852 c7df9a970ef2f5a1ac11f6aae2c539be

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_i386.deb
  Size/MD5 checksum:   112954 55c016b60375a465dd139b25a9860e3b
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_i386.deb
  Size/MD5 checksum:   163696 c88d95d412ef529c8eebc9d21a5d6006
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_i386.deb
  Size/MD5 checksum:   100482 ca2e1ea6b2508888814e75101a9936bf

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_ia64.deb
  Size/MD5 checksum:   122062 7476d36d7530caab9aa08c8c24bc7b17
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_ia64.deb
  Size/MD5 checksum:   210310 5ef9167039cdf11ba26f5380265e9f0e
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_ia64.deb
  Size/MD5 checksum:   139432 6c924348404f96a9d534485d231da013

HP Precision architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_hppa.deb
  Size/MD5 checksum:   116424 a94545e972184368284431251dc81bc0
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_hppa.deb
  Size/MD5 checksum:   186366 a9ef087b21652930a452f9aa61e17040
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_hppa.deb
  Size/MD5 checksum:   112976 9f67b8e55d8578f97913aef8135251cc

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_m68k.deb
  Size/MD5 checksum:   112776 246260a28117b2c1fc01d9754e4dc4fe
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_m68k.deb
  Size/MD5 checksum:   159130 3e9ce9d21bbdce3688ddbaf4f260ac2f
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_m68k.deb
  Size/MD5 checksum:    97160 01ce2ddf9d7a91373bc02086a0718225

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_mips.deb
  Size/MD5 checksum:   115468 6e64a1534418bb425a1ad1dc2be0e1f9
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_mips.deb
  Size/MD5 checksum:   183938 5978db39fe8acd2a4042c6f184129211
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_mips.deb
  Size/MD5 checksum:   105234 2e48fba8ba1392918aa0c0ad95b0d237

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_mipsel.deb
  Size/MD5 checksum:   115494 0c3bdfc2517c81dda03e999505711af5
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_mipsel.deb
  Size/MD5 checksum:   183856 aef61efcb299d750e575eb1e8cc0a500
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_mipsel.deb
  Size/MD5 checksum:   105328 830278f24a115bf4dfa2a57517507faa

PowerPC architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_powerpc.deb
  Size/MD5 checksum:   115064 36a580ccb525717018023223252a2dad
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_powerpc.deb
  Size/MD5 checksum:   181490 7af33b2711cea9edd18a1e0bf76b7908
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_powerpc.deb
  Size/MD5 checksum:   106400 362227268352e1b6345d665e46cad9f4

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_s390.deb
  Size/MD5 checksum:   114380 e67536f6369452d7eb9c68a526b50acc
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_s390.deb
  Size/MD5 checksum:   167516 6a47b2681d358a72dd2da46cd282cde3
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_s390.deb
  Size/MD5 checksum:   104362 f48b9e5257fb2d933676f1bdedf65700

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.9.5-1woody1_sparc.deb
  Size/MD5 checksum:   114212 dcc862dfac0b145a85dd41ee26b8f68a
http://security.debian.org/pool/updates/main/c/curl/libcurl-dev_7.9.5-1woody1_sparc.deb
  Size/MD5 checksum:   173280 9d4005552173802f517f84c7b7ff6e7c
http://security.debian.org/pool/updates/main/c/curl/libcurl2_7.9.5-1woody1_sparc.deb
  Size/MD5 checksum:   107954 1bcfdf01ff3c281aca72220de9c36285

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4.dsc
  Size/MD5 checksum:      810 da7861471f869f9a9ec5134d5fd38d19
http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4.diff.gz
  Size/MD5 checksum:   171255 d385dd607b786b7f850a9f24babcc65a
http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2.orig.tar.gz
  Size/MD5 checksum:  2201086 b3bd4a303f35f9a2a3ed3671cedf8329

Alpha architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_alpha.deb
  Size/MD5 checksum:   150884 bd55a60b515ee8c2465fd17f7de29d50
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_alpha.deb
  Size/MD5 checksum:   251276 2f8cc5197eb54c78b18f25f63207d286
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_alpha.deb
  Size/MD5 checksum:  1010862 797c1b435ae57f09704840682615fed9
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_alpha.deb
  Size/MD5 checksum:  1279412 1d9b9bcaeb4f55b4e1029ab24b74cb7f
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_alpha.deb
  Size/MD5 checksum:   132164 b81c4278c3cbdf9c78266ca451110745

AMD64 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_amd64.deb
  Size/MD5 checksum:   148002 b56233f49b100362e368b03e66218720
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_amd64.deb
  Size/MD5 checksum:   239260 d13d8eaecec3d63810e1ed73a6268ee2
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_amd64.deb
  Size/MD5 checksum:  1004100 712cffdd8bb0678bbd5372f8038bf743
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_amd64.deb
  Size/MD5 checksum:  1237918 5b7ab2089d6c421223ab1d5bca45ccc8
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_amd64.deb
  Size/MD5 checksum:   119332 a29338d6eebb002f76b64eb8db25669d

ARM architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_arm.deb
  Size/MD5 checksum:   147036 4d7dd6a1e18101e9f82ca47bd71adee6
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_arm.deb
  Size/MD5 checksum:   232254 7e7aa0f0d63d809380c5cf16a7bd9998
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_arm.deb
  Size/MD5 checksum:  1006512 1b6bba8334374b9a0973834db013deec
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_arm.deb
  Size/MD5 checksum:  1236324 d6e759826948dfc0b85100aa0721acbd
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_arm.deb
  Size/MD5 checksum:   112850 6a4bb805155911126e0da34c9a69caba

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_i386.deb
  Size/MD5 checksum:   146622 b5c28b5df70be2f14ccc38ba76445184
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_i386.deb
  Size/MD5 checksum:   237394 deeefb82e0e50917d334cd58e941c703
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_i386.deb
  Size/MD5 checksum:  1003560 5a072f044f577601edf276a80eee1a16
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_i386.deb
  Size/MD5 checksum:  1223642 101c390bd001489d4338f18b64c7564f
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_i386.deb
  Size/MD5 checksum:   118476 0b34194348da0cf2e73833791321f8be

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_ia64.deb
  Size/MD5 checksum:   156700 c40c8b873384b31606d0f86f62f87d62
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_ia64.deb
  Size/MD5 checksum:   279198 15bb908f6a841d8ffab2051484691d6d
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_ia64.deb
  Size/MD5 checksum:  1014686 c515f26ae840693a7af303b939e533de
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_ia64.deb
  Size/MD5 checksum:  1293752 a96384202ca09ebb218eb7ab0872da4d
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_ia64.deb
  Size/MD5 checksum:   160754 e197fcb10908f1201b12105d6a4fe988

HP Precision architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_hppa.deb
  Size/MD5 checksum:   150516 e80d05b29994e4a4aa921a060f1aaa4a
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_hppa.deb
  Size/MD5 checksum:   251178 95c1f4a011dd7509e631326175c6f4ac
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_hppa.deb
  Size/MD5 checksum:  1002034 069328e53c666557d876adc4c7df762a
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_hppa.deb
  Size/MD5 checksum:  1253588 66b90d2a50a329df1a6d2deb5db11caf
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_hppa.deb
  Size/MD5 checksum:   132258 345e3389c3d58356d4324b6cb09b4ce1

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_m68k.deb
  Size/MD5 checksum:   144622 dcd9d447dc466637937f1390df4efe8c
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_m68k.deb
  Size/MD5 checksum:   227834 d354dcd599d04d9c592b8fdbbe833775
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_m68k.deb
  Size/MD5 checksum:   998522 83c7e2d7474f2bc623d3fa19db556c94
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_m68k.deb
  Size/MD5 checksum:  1211958 a3e925c82c058b01971a781462d56fe9
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_m68k.deb
  Size/MD5 checksum:   108658 c59d11114a8209e7fec2b5fd608e3864

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_mips.deb
  Size/MD5 checksum:   149912 722a66107541a6d2ae823f46b1459743
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_mips.deb
  Size/MD5 checksum:   237422 08c3c48899e33babbc9bc8f3d8b8d97d
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_mips.deb
  Size/MD5 checksum:  1007542 26b4bee9ab3ece84e1a2ef5bc0cfa815
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_mips.deb
  Size/MD5 checksum:  1246952 ab4a46b14f124baad25a1c15e5f84f5d
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_mips.deb
  Size/MD5 checksum:   118446 76a1ed48d045c6eec4ac3a9246adf369

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_mipsel.deb
  Size/MD5 checksum:   150000 68e58cb1e4a76411d44f0cc28bed3dac
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_mipsel.deb
  Size/MD5 checksum:   237988 53b75c49f88e29ea3b0615a33d1d179f
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_mipsel.deb
  Size/MD5 checksum:  1010926 a31f246e13a31e422d6abd4637e7d79f
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_mipsel.deb
  Size/MD5 checksum:  1247194 ae4a7ceb8e33c0f6d6e0ea017c1fd5a7
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_mipsel.deb
  Size/MD5 checksum:   118908 499638c1e407f837d438eb3ee25b71c5

PowerPC architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_powerpc.deb
  Size/MD5 checksum:   150630 9d498e220cf3f1ea0bed9eba37895994
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_powerpc.deb
  Size/MD5 checksum:   243434 e115acf14a63f9c2a19d42b1963ca7a0
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_powerpc.deb
  Size/MD5 checksum:  1640952 fa15696dc540f1615672417c997761b3
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_powerpc.deb
  Size/MD5 checksum:  1245276 db89abb638e975cdbcc0381b4123ea10
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_powerpc.deb
  Size/MD5 checksum:   124126 78380f53d3d3656f87ea7d407e0ecd37

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_s390.deb
  Size/MD5 checksum:   148600 4660101e4a8bd44eb68ef9ea80d95502
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_s390.deb
  Size/MD5 checksum:   246602 de14f2625c352dc0f96981759b7ae94d
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_s390.deb
  Size/MD5 checksum:  1025394 ea2821337cbbefffa7833cc8f2f73aae
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_s390.deb
  Size/MD5 checksum:  1240726 1942bd69e7d06c8fa4f0aefda94a2b54
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_s390.deb
  Size/MD5 checksum:   127424 a7412a250bd42c0cfe74d054a76e4352

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/c/curl/curl_7.13.2-2sarge4_sparc.deb
  Size/MD5 checksum:   147624 92c2113d31613a17dad62bf4585bb96d
http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.13.2-2sarge4_sparc.deb
  Size/MD5 checksum:   236962 defcd15ad18e2110105685aa592c36cb
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.13.2-2sarge4_sparc.deb
  Size/MD5 checksum:   996594 515599851d6c7bc75edd4bd2a85e1b22
http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.13.2-2sarge4_sparc.deb
  Size/MD5 checksum:  1232322 4680ad497ca64e90d3a8cfc10f134ca7
http://security.debian.org/pool/updates/main/c/curl/libcurl3-gssapi_7.13.2-2sarge4_sparc.deb
  Size/MD5 checksum:   117968 8b50fcf2af77f3f5b075797c3f5db265

These files will probably be moved into the stable distribution on
its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

OSVersionArchitecturePackageVersionFilename
Debian3m68klibcurl-dev< 7.9.5-1woody2libcurl-dev_7.9.5-1woody2_m68k.deb
Debian3.1alphalibcurl3-gssapi< 7.13.2-2sarge5libcurl3-gssapi_7.13.2-2sarge5_alpha.deb
Debian3alphalibcurl-dev< 7.9.5-1woody2libcurl-dev_7.9.5-1woody2_alpha.deb
Debian3.1alphacurl< 7.13.2-2sarge5curl_7.13.2-2sarge5_alpha.deb
Debian3.1armlibcurl3-dev< 7.13.2-2sarge5libcurl3-dev_7.13.2-2sarge5_arm.deb
Debian3.1hppalibcurl3-gssapi< 7.13.2-2sarge5libcurl3-gssapi_7.13.2-2sarge5_hppa.deb
Debian3hppalibcurl2< 7.9.5-1woody2libcurl2_7.9.5-1woody2_hppa.deb
Debian3.1mipslibcurl3-gssapi< 7.13.2-2sarge5libcurl3-gssapi_7.13.2-2sarge5_mips.deb
Debian3.1armlibcurl3-gssapi< 7.13.2-2sarge5libcurl3-gssapi_7.13.2-2sarge5_arm.deb
Debian3mipsellibcurl-dev< 7.9.5-1woody2libcurl-dev_7.9.5-1woody2_mipsel.deb
Rows per page:
1-10 of 951

Related

nessus 27
securityvulns 3
openvas 18
debian 3
osv 1
centos 5
gentoo 3
ubuntucve 2
cvelist 2
nvd 2
f5 2
veracode 1
slackware 1
debiancve 2
ubuntu 2
redhat 3
cve 2
freebsd 1
nessus
nessus
Fedora Core 4 : curl-7.13.1-4.fc4 (2005-1129)
2005-12-11 00:00:00
Debian DSA-919-2 : curl - buffer overflow
2006-10-14 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : curl/wget (SSA:2005-310-01)
2005-11-07 00:00:00
securityvulns
securityvulns
Multiple Network-related Vulnerabilities in Electric Sheep
2005-12-26 00:00:00
[ GLSA 200603-25 ] OpenOffice.org: Heap overflow in included libcurl
2006-03-28 00:00:00
[Full-disclosure] iDEFENSE Security Advisory 10.13.05: Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability
2005-10-13 00:00:00
openvas
openvas
Debian Security Advisory DSA 919-1 (curl)
2008-01-17 00:00:00
Debian Security Advisory DSA 919-1 (curl)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-919-2)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 919-1] New curl packages fix potential security problem
2005-12-12 13:03:48
[SECURITY] [DSA 919-2] New curl packages fix potential security problem
2006-03-10 10:04:53
[SECURITY] [DSA 919-2] New curl packages fix potential security problem
2006-03-10 10:04:53
osv
osv
curl - buffer overflow
2005-12-12 00:00:00
centos
centos
curl security update
2005-12-21 02:50:35
wget security update
2005-11-02 17:08:39
wget security update
2005-11-03 05:22:50
gentoo
gentoo
cURL: NTLM username stack overflow
2005-10-22 00:00:00
OpenOffice.org: Heap overflow in included libcurl
2006-03-27 00:00:00
cURL: Off-by-one errors in URL handling
2005-12-16 00:00:00
ubuntucve
ubuntucve
CVE-2005-3185
2005-10-13 00:00:00
CVE-2005-4077
2005-12-08 00:00:00
cvelist
cvelist
CVE-2005-3185
2005-10-13 04:00:00
CVE-2005-4077
2005-12-08 01:00:00
nvd
nvd
CVE-2005-3185
2005-10-13 22:02:00
CVE-2005-4077
2005-12-08 01:03:00
f5
f5
SOL5868 - Buffer overflow vulnerability in cURL - CVE-2005-4077
2007-05-16 00:00:00
K5868 : Buffer overflow vulnerability in cURL - CVE-2005-4077
2013-03-27 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:10:48
slackware
slackware
curl/wget
2005-11-06 13:02:36
debiancve
debiancve
CVE-2005-3185
2005-10-13 22:02:00
CVE-2005-4077
2005-12-08 01:03:00
ubuntu
ubuntu
curl library vulnerability
2005-12-13 00:00:00
Curl and wget vulnerabilities
2005-10-14 00:00:00
redhat
redhat
(RHSA-2005:812) wget security update
2005-11-02 00:00:00
(RHSA-2005:807) curl security update
2005-11-02 00:00:00
(RHSA-2005:875) curl security update
2005-12-20 00:00:00
cve
cve
CVE-2005-3185
2005-10-13 22:02:00
CVE-2005-4077
2005-12-08 01:03:00
freebsd
freebsd
curl -- URL buffer overflow vulnerability
2005-12-07 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.7%

JSON
Related for DEBIAN:DSA-919-1:2D6BD
nessus27securityvulns3openvas18debian3osv1centos5gentoo3ubuntucve2cvelist2nvd2f52veracode1slackware1debiancve2ubuntu2redhat3cve2freebsd1