all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ubuntu Security Notice USN-6237-1

Add to bookmarks
July 19, 2023, 3:46 p.m. |

Packet Storm packetstormsecurity.com

Ubuntu Security Notice 6237-1 - Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service.

applications certificate certificates curl idn issue notice options security security notice spoof ubuntu usn website wildcards

Visit resource

More from packetstormsecurity.com / Packet Storm

AIDE 0.18.7 17 hours ago | packetstormsecurity.com
advanced aide algorithms can +17
Systemd Insecure PTY Handling 17 hours ago | packetstormsecurity.com
changing handling high insecure +5
Microsoft PlayReady Toolkit 17 hours ago | packetstormsecurity.com
access acquisition client code +19
Docker Privileged Container Kernel Escape 18 hours ago | packetstormsecurity.com
can container container escape daemon +9
Gentoo Linux Security Advisory 202405-16 18 hours ago | packetstormsecurity.com
advisory apache apache commons can +11
Gentoo Linux Security Advisory 202405-15 18 hours ago | packetstormsecurity.com
advisory can code code execution +12
Gentoo Linux Security Advisory 202405-14 18 hours ago | packetstormsecurity.com
advisory code code execution gentoo +7
Gentoo Linux Security Advisory 202405-13 18 hours ago | packetstormsecurity.com
advisory can gentoo injection +6
Gentoo Linux Security Advisory 202405-12 18 hours ago | packetstormsecurity.com
advisory arbitrary code arbitrary code execution can +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Network Security engineer

@ NXP Semiconductors | Bengaluru (Nagavara)
View on infosec-jobs.com

DevSecOps Engineer

@ RP Pro Services | Washington, District of Columbia, United States
View on infosec-jobs.com

Consultant RSSI H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

TW Senior Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Security, Senior Manager

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com
View more jobs