all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-5964-1: curl vulnerabilities

Add to bookmarks
March 20, 2023, 12:30 p.m. |

Ubuntu security notices ubuntu.com

Harry Sintonen discovered that curl incorrectly handled certain TELNET
connection options. Due to lack of proper input scrubbing, curl could pass
on user name and telnet options to the server as provided, contrary to
expectations. (CVE-2023-27533)

Harry Sintonen discovered that curl incorrectly handled special tilde
characters when used with SFTP paths. A remote attacker could possibly use
this issue to circumvent filtering. (CVE-2023-27534)

Harry Sintonen discovered that curl incorrectly reused certain FTP
connections. This could lead to the wrong credentials …

characters connections curl cve ftp input issue name options server sftp special telnet usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6736-1: klibc vulnerabilities 9 hours ago | ubuntu.com
arbitrary code attacker code crash +8
USN-6735-1: Node.js vulnerabilities 9 hours ago | ubuntu.com
attacker automated certificate cve +16
USN-6734-1: libvirt vulnerabilities 1 day, 4 hours ago | ubuntu.com
api attacker crash cve +8
USN-6733-1: GnuTLS vulnerabilities 1 day, 4 hours ago | ubuntu.com
attacker channel crash cve +16
USN-6732-1: WebKitGTK vulnerabilities 1 day, 4 hours ago | ubuntu.com
arbitrary code arbitrary code execution attacker attacks +21
USN-6731-1: YARD vulnerabilities 1 day, 10 hours ago | ubuntu.com
access arbitrary files attackers attacks +19
USN-6730-1: Apache Maven Shared Utils vulnerability 4 days, 22 hours ago | ubuntu.com
apache arbitrary code attacker attacks +9
USN-6727-2: NSS regression 5 days, 2 hours ago | ubuntu.com
advisory attacker certificates fixes +14
USN-6729-1: Apache HTTP Server vulnerabilities 5 days, 4 hours ago | ubuntu.com
apache attacker attacks chen +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Senior Cybersecurity Technical Delivery Manager

@ MUFG | London Ropemaker place
View on infosec-jobs.com

Junior consultant-Technology Risk

@ EY | Bratislava, SK, 811 02
View on infosec-jobs.com

Director of Security Engineering, Information Security

@ Illumio | Sunnyvale, California
View on infosec-jobs.com

Cyber Analyst II 03396 NWG

@ North Wind Group | KNOXVILLE, TN
View on infosec-jobs.com

CRIT Information Security Officer (f/m/d)

@ Deutsche Börse | Frankfurt am Main, DE
View on infosec-jobs.com
View more jobs