The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of libcurl

vulnerability note CVE-2017-8816 CVE-2017-8817 CVE-2017-8818

curl: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of curl.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, RHEL, Shibboleth SP, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: internet server.
Number of vulnerabilities in this bulletin: 3.
Creation date: 29/11/2017.
Identifiers: bulletinapr2018, bulletinoct2018, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, DLA-1195-1, DSA-4051-1, FEDORA-2017-0c062324cd, FEDORA-2017-45bdf4dace, HT208465, HT208692, JSA10874, openSUSE-SU-2018:0161-1, RHSA-2018:3558-01, STORM-2019-002, USN-3498-1, USN-3498-2, VIGILANCE-VUL-24564.

Description of the vulnerability

An attacker can use several vulnerabilities of curl.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-1000257

curl: out-of-bounds memory reading via IMAP FETCH Response

Synthesis of the vulnerability

An attacker can force a read at an invalid address via IMAP FETCH Response of curl, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: OpenOffice, curl, Debian, Fedora, QRadar SIEM, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, pfSense, RHEL, Slackware, Ubuntu, VxWorks.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 23/10/2017.
Identifiers: 2011740, bulletinapr2018, CVE-2017-1000257, DLA-1143-1, DSA-4007-1, FEDORA-2017-ebf32659bf, JSA10874, K-511316, openSUSE-SU-2017:2880-1, RHSA-2017:3263-01, RHSA-2018:3558-01, SSA:2017-297-01, USN-3457-1, VIGILANCE-VUL-24199.

Description of the vulnerability

An attacker can force a read at an invalid address via IMAP FETCH Response of curl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-1000254

curl: out-of-bounds memory reading via FTP PWD

Synthesis of the vulnerability

An attacker can force a read at an invalid address via FTP PWD of curl, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, pfSense, RHEL, Slackware, Ubuntu, VxWorks.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 04/10/2017.
Identifiers: 2011879, bulletinapr2018, CVE-2017-1000254, DLA-1121-1, DSA-3992-1, FEDORA-2017-601b4c20a4, HT208331, HT208394, JSA10874, K-511316, openSUSE-SU-2017:2880-1, RHSA-2018:3558-01, SSA:2017-279-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-24018.

Description of the vulnerability

An attacker can force a read at an invalid address via FTP PWD of curl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101

curl: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of curl.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Fedora, Android OS, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, RHEL, Slackware, Ubuntu, VxWorks.
Severity: 3/4.
Consequences: user access/rights, data reading, denial of service on service, denial of service on client.
Provenance: internet server.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/08/2017.
Identifiers: 2011879, bulletinapr2018, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, DLA-1062-1, DSA-3992-1, FEDORA-2017-f1ffd18079, FEDORA-2017-f2df9d7772, HT208221, JSA10874, K-511316, openSUSE-SU-2017:2205-1, RHSA-2018:3558-01, SSA:2017-221-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-23481.

Description of the vulnerability

Several vulnerabilities were announced in curl.

An attacker can force a read at an invalid address via Globbing, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-1000101]

An attacker can generate a buffer overflow via TFTP, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2017-1000100]

An attacker can force a read at an invalid address via FILE, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-1000099]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-9502

curl on MS-Windows: buffer overflow via an URL of scheme file

Synthesis of the vulnerability

An attacker can generate a buffer overflow via an URL of scheme file in curl, in order to trigger a denial of service, and possibly to run code.
Impacted products: OpenOffice, curl, Juniper EX-Series, Junos OS, SRX-Series.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 14/06/2017.
Identifiers: CVE-2017-9502, JSA10874, VIGILANCE-VUL-22977.

Description of the vulnerability

An attacker can generate a buffer overflow via an URL of scheme file in curl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-7468

libcurl: TLS session resume even if the certificate changed

Synthesis of the vulnerability

The TLS client of libcurl can reuse a session even if the client certificate changed, which may lead to the authentication with an incorrect identity.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, pfSense, Ubuntu.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: user account.
Creation date: 19/04/2017.
Identifiers: APPLE-SA-2017-07-19-2, CVE-2017-7468, HT207922, STORM-2019-002, USN-3262-1, VIGILANCE-VUL-22500.

Description of the vulnerability

The TLS client of libcurl can reuse a session even if the client certificate changed, which may lead to the authentication with an incorrect identity.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-7407

curl: information disclosure via --write-out

Synthesis of the vulnerability

A local attacker can read a memory fragment via --write-out of curl, in order to obtain sensitive information.
Impacted products: OpenOffice, curl, Debian, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, pfSense, RHEL, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: physical access.
Creation date: 04/04/2017.
Identifiers: bulletinjul2018, cpuoct2018, CVE-2017-7407, DLA-883-1, FEDORA-2017-b38b98727e, JSA10874, openSUSE-SU-2017:1105-1, RHSA-2018:3558-01, USN-3441-1, USN-3441-2, VIGILANCE-VUL-22327.

Description of the vulnerability

A local attacker can read a memory fragment via --write-out of curl, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-2629

curl: Man-in-the-Middle with SSL_VERIFYSTATUS

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle on curl with CURLOPT_SSL_VERIFYSTATUS, in order to read or write data in the session.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, pfSense.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: internet server.
Creation date: 22/02/2017.
Identifiers: APPLE-SA-2017-07-19-2, CVE-2017-2629, HT207922, STORM-2019-002, VIGILANCE-VUL-21925.

Description of the vulnerability

The curl product uses the TLS protocol, in order to create secure sessions.

However, the X.509 certificate and the service identity are not correctly checked during the usage of CURLOPT_SSL_VERIFYSTATUS (OCSP Stapling, TLS Certificate Status Request).

An attacker can therefore act as a Man-in-the-Middle on curl with CURLOPT_SSL_VERIFYSTATUS, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 21461

libcurl: predictable random via randit

Synthesis of the vulnerability

An attacker can predict randoms of randit() of libcurl.
Impacted products: curl.
Severity: 2/4.
Consequences: data reading.
Provenance: internet server.
Creation date: 29/12/2016.
Identifiers: VIGILANCE-VUL-21461.

Description of the vulnerability

The libcurl library uses randit() since version 7.52.0, to generate randoms (used by: Digest/NTLM authentication, boundary strings, etc.).

However, this function is incorrectly implemented, and the random is predictable or weak.

An attacker can therefore predict randoms of randit() of libcurl.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-9586 CVE-2016-9952 CVE-2016-9953

cURL: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of cURL.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, RHEL, Ubuntu.
Severity: 2/4.
Consequences: client access/rights, data reading.
Provenance: internet server.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/12/2016.
Identifiers: APPLE-SA-2017-07-19-2, cpuoct2018, CVE-2016-9586, CVE-2016-9952, CVE-2016-9953, DLA-1568-1, DLA-767-1, FEDORA-2016-86d2b5aefb, FEDORA-2016-edbb33ab2e, HT207615, HT207922, JSA10874, openSUSE-SU-2017:1105-1, RHSA-2018:3558-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-21435.

Description of the vulnerability

Several vulnerabilities were announced in cURL.

An attacker can generate a buffer overflow via float numbers, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9586]

On WinCE platforms, an attacker can tamper with X.501 names in the X.509 certificate validation process, in order to spoof a server. [severity:2/4; CVE-2016-9952]

On WinCE platforms, an attacker can raise a read only buffer overflow in the X.509 certificate validation process, in order to read the server process memory or crash it. [severity:2/4; CVE-2016-9953]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about libcurl: