all InfoSec news
curl and libcurl CVE-2023-38545 and CVE-2023-38546 vulnerabilities
Nov. 14, 2023, 8 a.m. |
FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com
A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The …
address buffer buffer overflow curl cve cve-2023-38545 cve-2023-38546 flaw found handshake high length libcurl libcurl cve overflow package proxy severity socks5 socks5 proxy tool vulnerabilities
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories
FortiOS - Web server ETag exposure
3 weeks, 6 days ago |
fortiguard.fortinet.com
FortiSandbox - Arbitrary file read on endpoint
3 weeks, 6 days ago |
fortiguard.fortinet.com
FortiNAC-F - Lack of certificate validation
3 weeks, 6 days ago |
fortiguard.fortinet.com
FortiOS - Format String in CLI command
3 weeks, 6 days ago |
fortiguard.fortinet.com
FortiSandbox - Arbitrary file delete on endpoint
3 weeks, 6 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
PMO Cybersécurité H/F
@ Hifield | Sèvres, France
Third Party Risk Management - Consultant
@ KPMG India | Bengaluru, Karnataka, India
Consultant Cyber Sécurité H/F - Strasbourg
@ Hifield | Strasbourg, France
Information Security Compliance Analyst
@ KPMG Australia | Melbourne, Australia
GDS Consulting - Cyber Security | Data Protection Senior Consultant
@ EY | Taguig, PH, 1634
Senior QA Engineer - Cloud Security
@ Tenable | Israel