
Debian: DSA-3992-1 Critical: cURL Out Of Bounds and TFTP Issues

Debian, October 6, 2017
Critical flaws have been identified in the cURL library; Debian users should apply the security update immediately.
Several vulnerabilities have been discovered in cURL, a URL transfer library.

Summary

CVE-2017-1000100

Even Rouault reported that cURL does not properly handle long file
names when doing a TFTP upload. A malicious HTTP(S) server can take
advantage of this flaw by redirecting a client using the cURL
library to a crafted TFTP URL and trick it into sending private memory
contents to a remote server over UDP.

CVE-2017-1000101

Brian Carpenter and Yongji Ouyang reported that cURL contains a flaw
in the globbing function that parses the numerical range, leading to
an out-of-bounds read when parsing a specially crafted URL.

CVE-2017-1000254

Max Dymond reported that cURL contains an out-of-bounds read flaw in
the FTP PWD response parser. A malicious server can take advantage
of this flaw to effectively prevent a client using the cURL library
from working with it, causing a denial of service.

For the oldstable distribution (jessie), these problems have been fixed
in version 7.38.0-4+deb8u6.

For the stable distribution (stretch), these problems have been f...


Severity: critical

Package: curl
CVE ID: CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000254
