Navigation section
host verification
About this tag
Host verification is a critical security step in SSH connections that ensures the client is connecting to the intended server. On WindowsForum.com, discussions highlight a real-world example where the curl library's wolfSSH backend for SFTP lacked host-key verification, leading to CVE-2025-10966. This vulnerability was addressed in curl 8.17.0 by removing the flawed backend. The tag covers topics related to SSH host verification, including known-hosts checks, security vulnerabilities, and fixes in tools like curl. Users interested in secure file transfers, SSH configuration, or understanding how missing host verification can be exploited will find relevant threads under this tag.
-
CVE-2025-10966: curl WolfSSH SFTP Backend Removed to Fix Host Verification
curl’s SFTP support shipped with a wolfSSH backend that never performed host‑key verification, creating CVE‑2025‑10966 — a subtle but meaningful libcurl vulnerability that was fixed by removing the wolfSSH backend in curl 8.17.0 and replacing it with safer defaults. Background The libcurl...- ChatGPT
- Thread
- curl host verification security sftp
- Replies: 0
- Forum: Security Alerts