Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: cURL 7x,,,,, HUH???

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
And, this specific program:
cURL 7.x

This thread has been marked as locked.
James Andrews cURL 7x,,,,, HUH???
Member 8th Apr, 2011 21:17
Ranking: 0
Posts: 1
User Since: 5th Jul, 2008
System Score: N/A
Location: N/A
Last edited on 8th Apr, 2011 21:18

Secunia says that I need to update some program named "cURL"...
I know nothing about this program and when Secunia sends me to the update site, I don't have a clue about what I am seeing nor what to do...

Help...

Jim Andrews - Phoenix

mogs RE: cURL 7x,,,,, HUH???
Expert Contributor 8th Apr, 2011 21:58
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
I don't have any answer for you other than the link to the following thread on the forum where there is discussion about the problem :-
http://secunia.com/community/forum/thread/show/802... it may be that you'll be able to glean something from it.
Secunia Support are most often busy elsewhere at present....and of course the weekend is now with us, else the situation may have been clarified before now.
Hope it's of some help.......regards,

--
Was this reply relevant?
+0
-0
Maurice Joyce RE: cURL 7x,,,,, HUH???
Handling Contributor 8th Apr, 2011 22:07
Score: 11718
Posts: 8,956
User Since: 4th Jan 2009
System Score: N/A
Location: UK
FINDING A FILE PATH

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V)) that path back to the Forum.
OR THIS METHOD WHICH GIVES A HELPER MORE INFORMATION
4a Below DETECTED INSTANCES you will see You can double click this row for additional information & options>double click it>a box will appear>click TROUBLESHOOT REPORT>Now highlight the information revealed from START to END & copy it (CTRL+C) then post it to the Forum (CTRL+V)

The end result U post to the Forum should look like this:
---START---

Program Name:
Apple iTunes 10.x

Security State:
Insecure

Download Link:
http://appldnld.apple.com/iTunes10/061-9638.201103...

Instances Found:
C:\Program Files\iTunes\iTunes.exe, version: 10.1.2.17

Last System Scan (localtime):
3. Mar 2011, 16:47

Operating System:
Microsoft Windows XP Home Edition, Service Pack 3

---END---



Update 9 09:33 13/03/2011





--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
amazon13 RE: cURL 7x,,,,, HUH???
Member 11th Apr, 2011 00:34
Score: 0
Posts: 15
User Since: 30th Mar 2008
System Score: 99%
Location: US
I took a leap of faith and went to this website and decided to download the recommended version for my computer and it appears to have worked for the 64 Bit version I would use. I believe that this has something to do with the foxit reader, do you have this program installed on your computer? Check out the following site to see if there's anything on it that might help you, there's a lot of reading to do in order to figure out what applies to you and your system.

http://curl.haxx.se/dlwiz/?type=*&os=Win64


If so it has to do with it, I downloaded it, installed it and the insecure warning went away. Since I installed the one for 64 Bit programs it didn't remove the warning for the 32 Bit programs that is the warning in Secunia that popped up. I clicked on the link for the ADD/Remove in the link in Secunia and was taken their but wasn't sure as to which foxit 32 bit program it was referring to therefore I left it there as to not screw up anything before I find out exactly which foxit listing it's referring to.

"C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\OnDemandCM\curl\curl.exe 7.18.2.0 Insecure Actual Installation 1302473282 "

I will eventually figure it out and take out the 32 bit version, but until then I'll settle for the 99% system score. Hope this helps!




--
Amazon13
Was this reply relevant?
+0
-0
institut1 RE: cURL 7x,,,,, HUH??? / I think this is it
Member 13th Apr, 2011 09:35
Score: 0
Posts: 2
User Since: 21st Aug 2008
System Score: N/A
Location: N/A
I clicked on the 'install solution' and at the www site clicked on the 'download wizard', scrolled to the near bottom of the alpha list to Windows 32 - Generic. There is a file under Windows 32/XP Binary.

As it states at the very bottom of the list that 7.21.4 is trhe latest version as highlighted, I downloaded / saved the Windows 32/XP Binary version, but did not unzip or install it.

Note: While Secunia says the latest is 7.21.2, the site says it is 7.21.4'

Can someone please advise if this is the correct download before I install it, and do I have to delete the older version after the download..

Thanks
Was this reply relevant?
+0
-0
This user no longer exists RE: cURL 7x,,,,, HUH???
Member 13th Apr, 2011 09:58
Hi,

As cURL is part of another program in this case, we have removed the detection in this case. If you run a full rescan, it should be detected.

The reason we don't show this as insecure even though the problem does not bundle the latest reason is that there is no demonstrated attack vector and no offical patches.

Hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability