exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

CVE-2019-5436

Status Candidate

Overview

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

Related Files

Red Hat Security Advisory 2020-2505-01
Posted Jun 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2505-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2019-5436
MD5 | 04882ecd26e1dc285ccb37c592f2143d
Red Hat Security Advisory 2020-1792-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1792-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include buffer overflow and double free vulnerabilities.

tags | advisory, web, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
MD5 | 18d77e36f531d8ecfa916126fffa8ef4
Red Hat Security Advisory 2020-1020-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1020-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2019-5436
MD5 | 1bae43ff677dda267b696e024acc0618
Gentoo Linux Security Advisory 202003-29
Posted Mar 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-29 - Multiple vulnerabilities have been found in cURL, the worst of which may lead to arbitrary code execution. Versions less than 7.66.0 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
MD5 | 502e92384dc33152f27a17095989604b
Debian Security Advisory 4633-1
Posted Feb 25, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
MD5 | 7f606fba91b7dc47bb50af7affaf96b9
Slackware Security Advisory - curl Updates
Posted May 23, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-5435, CVE-2019-5436
MD5 | 7de7e6dc7a9b1db2e5d3c236a0dab575
Ubuntu Security Notice USN-3993-2
Posted May 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3993-2 - USN-3993-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5436
MD5 | 171809959a77766ef2db183f2aa4aa3c
Ubuntu Security Notice USN-3993-1
Posted May 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3993-1 - Wenchao Li discovered that curl incorrectly handled memory in the curl_url_set function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5435, CVE-2019-5436
MD5 | 7a6b2a7276dd51ccf6aa6ba7840777a5
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close