Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu: 202209-13 Severity: lib32-libssl Denial of Service

Arch Linux Security Advisory ASA-201803-18
==========================================

Severity: Medium
Date    : 2018-03-19
CVE-ID  : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122
Package : lib32-libcurl-compat
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-660

Summary
=======

The package lib32-libcurl-compat before version 7.59.0-1 is vulnerable to multiple issues including denial of service and information disclosure.

Resolution
==========

Upgrade to 7.59.0-1.

# pacman -Syu "lib32-libcurl-compat>=7.59.0-1"

The problems have been fixed upstream in version 7.59.0.

Workaround
==========

None.

Description
===========

- CVE-2018-1000120 (denial of service)

It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior.

- CVE-2018-1000121 (denial of service)

A NULL pointer dereference exists in the LDAP code of curl >= 7.21.0 and < curl 7.59.0, allowing an attacker to cause a denial of service. libcurl-using applications that allow LDAP URLs, or that allow redirects to LDAP URLs could be made to crash by a malicious server.

- CVE-2018-1000122 (information disclosure)

A buffer over-read exists in curl >= 7.20.0 and < 7.59.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage. When asked to transfer an RTSP URL, curl could calculate a wrong data length to copy from the read buffer. The memcpy call would copy data from the heap following the buffer to a storage area that would subsequently be delivered to the application (if it didn't cause a crash). This could lead to information leakage or a denial of service for the application if the server offering the RTSP data can trigger this.

Impact
======

A remote attacker is able to crash the application or disclose sensitive information on the affected host.

References
==========

https://curl.se/docs/CVE-2018-1000120.html
https://github.com/curl/curl/commit/535432c0adb62fe167ec09621500470b6fa4eb0f
https://curl.se/docs/CVE-2018-1000121.html
https://github.com/curl/curl/commit/9889db043393092e9d4b5a42720bba0b3d58deba
https://curl.se/docs/CVE-2018-1000122.html
https://github.com/curl/curl/commit/d52dc4760f6d9ca1937eefa2093058a952465128
https://security.archlinux.org/CVE-2018-1000120
https://security.archlinux.org/CVE-2018-1000121
https://security.archlinux.org/CVE-2018-1000122

Fedora Security Notice FSN-202103-12 highlights issues with lib32-libxml2 prior to version 2.9.10-1.

LinuxSecurity.com Team

Mar 20, 2018 Medium ArchLinux