exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-3441-1

Posted Oct 10, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3441-1 - Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Even Rouault discovered that curl incorrectly handled large file names when doing TFTP transfers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2016-9586, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-7407

SHA-256 | b0130c23f8916e72e2b583e6c7d268af318bf605fb5e0b272a99a1657ec8a6c0

Download | Favorite | View

Related Files

No related files