Author Topic: Libcurl Vulnerability Found (And Fixed)  (Read 3333 times)

0 Members and 1 Guest are viewing this topic.

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Libcurl Vulnerability Found (And Fixed)
« on: December 12, 2005, 10:13:50 pm »
Package        : curl
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2005-4077 CVE-2005-3185
BugTraq ID     : 15756 15102 15647
Debian Bug     : 342339 342696

Several problems were discovered in libcurl, a multi-protocol file
transfer library.  The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2005-3185

   A vulnerability has been discovered a buffer overflow in libcurl
   that could allow the execution of arbitrary code.

CVE-2005-4077

   Stefan Esser discovered several off-by-one errors that allows
   local users to trigger a buffer overflow and cause a denial of
   service or bypass PHP security restrictions via certain URLs.

For the old stable distribution (woody) these problems have been fixed in
version 7.9.5-1woody1.

For the stable distribution (sarge) these problems have been fixed in
version 7.13.2-2sarge4.  This update also includes a bugfix against
data corruption.

For the unstable distribution (sid) these problems have been fixed in
version 7.15.1-1.

We recommend that you upgrade your libcurl packages.

Hats off to the LibCurl programmers.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Libcurl Vulnerability Found (And Fixed)
« Reply #1 on: December 12, 2005, 10:15:42 pm »
Isn't this old?  Or is there a new one?  I remember lynx and curl had a couple (really stupid) vulnerabilities a couple months ago.  It's possible that it's taken Debian this long to patch it, though, I often see them re-post really old vulnerabilities when they update their distro :)

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: Libcurl Vulnerability Found (And Fixed)
« Reply #2 on: December 12, 2005, 10:26:50 pm »
I wouldn't know if it was old, I just recently subscribed to bugtraq..
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Libcurl Vulnerability Found (And Fixed)
« Reply #3 on: December 12, 2005, 10:29:47 pm »
Yeah, I checked out CVE-2005-3185. 

It's from October 12/05. 

Debian is just slow.  Stupid Debian, Slackware for life :)

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: Libcurl Vulnerability Found (And Fixed)
« Reply #4 on: December 12, 2005, 10:35:46 pm »
Oh.. god that's lame.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Libcurl Vulnerability Found (And Fixed)
« Reply #5 on: December 12, 2005, 10:50:19 pm »
Or was it December 10... it's 20051012, take that how you want :)