The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq9.0
curlgt7.36.0
curlle7.56.1
libcurlge7.36.0
libcurlle7.56.1

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	9.0
curl	gt	7.36.0
curl	le	7.56.1
libcurl	ge	7.36.0
libcurl	le	7.56.1

References

security.cucumberlinux.com/security/details.php?id=161

www.securityfocus.com/bid/101998

www.securitytracker.com/id/1039896

www.securitytracker.com/id/1040608

access.redhat.com/errata/RHSA-2018:3558

curl.haxx.se/docs/adv_2017-12e7.html

security.gentoo.org/glsa/201712-04

www.debian.org/security/2017/dsa-4051

cve 2

nvd 2

veracode 1

debiancve 2

alpinelinux 2

cvelist 2

ubuntucve 2

redhatcve 2

osv 3

nessus 28

ubuntu 1

openvas 14

amazon 4

ibm 6

prion 1

debian 1

fedora 4

cloudfoundry 1

freebsd 2

archlinux 3

altlinux 1

slackware 1

mageia 2

gentoo 1

photon 4

rosalinux 1

apple 4

redhat 1

cve

CVE-2017-8816

2017-11-29 18:29:00

CVE-2018-14618

2018-09-05 19:29:00

nvd

CVE-2017-8816

2017-11-29 18:29:00

CVE-2018-14618

2018-09-05 19:29:00

veracode

Denial Of Service (DoS) Through Integer Overflow

2018-06-13 08:32:11

debiancve

CVE-2017-8816

2017-11-29 18:29:00

CVE-2018-14618

2018-09-05 19:29:00

alpinelinux

CVE-2017-8816

2017-11-29 18:29:00

CVE-2018-14618

2018-09-05 19:29:00

cvelist

CVE-2017-8816

2017-11-29 18:00:00

CVE-2018-14618

2018-09-05 19:00:00

ubuntucve

CVE-2017-8816

2017-11-29 00:00:00

CVE-2018-14618

2018-09-05 00:00:00

redhatcve

CVE-2017-8816

2017-11-29 11:19:41

CVE-2018-14618

2018-09-05 09:19:06

osv

CVE-2017-8816

2017-11-29 18:29:00

curl - security update

2017-11-29 00:00:00

CVE-2018-14618

2018-09-05 19:29:00

nessus

Fedora 26 : curl (2017-0c062324cd)

2017-12-11 00:00:00

Fedora 27 : curl (2017-45bdf4dace)

2018-01-15 00:00:00

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:0122-1)

2018-01-18 00:00:00

ubuntu

curl vulnerabilities

2017-11-29 00:00:00

openvas

Fedora Update for curl FEDORA-2017-0c062324cd

2017-12-10 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1237)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1240)

2020-01-23 00:00:00

amazon

Medium: curl

2018-01-03 08:22:00

Low: curl

2018-12-18 19:09:00

Low: curl

2018-12-06 00:29:00

ibm

Security Bulletin: Vulnerability in curl affects IBM Cloud Pak System (CVE-2018-14618)

2020-05-06 12:02:05

Security Bulletin: Vulnerabilities in cURL affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru (CVE-2017-8816 CVE-2017-8817 CVE-2017-8818)

2019-01-31 02:40:01

Security Bulletin: Vulnerabilities in cURL affect QLogic Virtual Fabric Extension Module for IBM BladeCenter

2023-04-10 21:40:46

prion

Integer overflow

2018-09-05 19:29:00

debian

[SECURITY] [DSA 4051-1] curl security update

2017-11-29 11:09:32

fedora

[SECURITY] Fedora 26 Update: curl-7.53.1-13.fc26

2017-12-09 22:30:25

[SECURITY] Fedora 27 Update: curl-7.55.1-8.fc27

2017-12-10 05:11:43

[SECURITY] Fedora 27 Update: curl-7.55.1-11.fc27

2018-05-23 16:00:01

cloudfoundry

USN-3498-1: curl vulnerabilities | Cloud Foundry

2017-12-14 00:00:00

freebsd

curl -- password overflow vulnerability

2018-09-05 00:00:00

cURL -- Multiple vulnerabilities

2017-11-29 00:00:00

archlinux

[ASA-201711-36] lib32-curl: multiple issues

2017-11-30 00:00:00

[ASA-201711-38] lib32-libcurl-compat: multiple issues

2017-11-30 00:00:00

[ASA-201711-37] lib32-libcurl-gnutls: multiple issues

2017-11-30 00:00:00

altlinux

Security fix for the ALT Linux 8 package curl version 7.57.0-alt1

2017-12-01 00:00:00

slackware

[slackware-security] curl

2017-11-29 22:40:18

mageia

Updated curl packages fix security vulnerability

2018-01-03 19:40:26

Updated curl packages fix security vulnerability

2018-01-03 19:40:26

gentoo

cURL: Multiple vulnerabilities

2017-12-14 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0108

2018-02-14 00:00:00

Critical Photon OS Security Update - PHSA-2018-0108

2018-02-14 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0016

2018-02-14 00:00:00

rosalinux

Advisory ROSA-SA-2021-1818

2021-07-02 16:36:57

apple

About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan

2018-01-23 00:00:00

About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Apple Support

2018-11-17 12:29:37

About the security content of macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan - Apple Support

2019-05-15 09:12:42

redhat

(RHSA-2018:3558) Moderate: httpd24 security, bug fix, and enhancement update

2018-11-13 08:00:33

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.9 High

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON

Related for PRION:CVE-2017-8816