CVE-2009-0037

Summary

CVE	CVE-2009-0037
State	PUBLISHED
Assigner	redhat
Source Priority	CVE Program / NVD first with legacy fallback
Published	2009-03-05 02:30:00 UTC
Updated	2026-04-23 00:35:47 UTC
Description	The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.

Risk And Classification

Primary CVSS: v2.0 6.8 from [email protected]

AV:N/AC:M/Au:N/C:P/I:P/A:P

Problem Types: CWE-352 | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Curl	Curl	5.11	All	All	All
Application	Curl	Curl	6.0	All	All	All
Application	Curl	Curl	6.1beta	All	All	All
Application	Curl	Curl	6.2	All	All	All
Application	Curl	Curl	6.3	All	All	All
Application	Curl	Curl	6.3.1	All	All	All
Application	Curl	Curl	6.4	All	All	All
Application	Curl	Curl	6.5	All	All	All
Application	Curl	Curl	6.5.1	All	All	All
Application	Curl	Curl	6.5.2	All	All	All
Application	Curl	Curl	7.1	All	All	All
Application	Curl	Curl	7.1.1	All	All	All
Application	Curl	Curl	7.10	All	All	All
Application	Curl	Curl	7.10.1	All	All	All
Application	Curl	Curl	7.10.2	All	All	All
Application	Curl	Curl	7.10.3	All	All	All
Application	Curl	Curl	7.10.4	All	All	All
Application	Curl	Curl	7.10.5	All	All	All
Application	Curl	Curl	7.10.6	All	All	All
Application	Curl	Curl	7.10.7	All	All	All
Application	Curl	Curl	7.10.8	All	All	All
Application	Curl	Curl	7.11.1	All	All	All
Application	Curl	Curl	7.12	All	All	All
Application	Curl	Curl	7.12.1	All	All	All
Application	Curl	Curl	7.12.2	All	All	All
Application	Curl	Curl	7.13	All	All	All
Application	Curl	Curl	7.13.2	All	All	All
Application	Curl	Curl	7.14	All	All	All
Application	Curl	Curl	7.14.1	All	All	All
Application	Curl	Curl	7.15	All	All	All
Application	Curl	Curl	7.15.1	All	All	All
Application	Curl	Curl	7.15.3	All	All	All
Application	Curl	Curl	7.16.3	All	All	All
Application	Curl	Curl	7.16.4	All	All	All
Application	Curl	Curl	7.17	All	All	All
Application	Curl	Curl	7.18	All	All	All
Application	Curl	Curl	7.19.3	All	All	All
Application	Curl	Curl	7.2	All	All	All
Application	Curl	Curl	7.2.1	All	All	All
Application	Curl	Curl	7.3	All	All	All
Application	Curl	Curl	7.4	All	All	All
Application	Curl	Curl	7.4.1	All	All	All
Application	Curl	Curl	7.4.2	All	All	All
Application	Curl	Curl	7.5	All	All	All
Application	Curl	Curl	7.5.1	All	All	All
Application	Curl	Curl	7.5.2	All	All	All
Application	Curl	Curl	7.6	All	All	All
Application	Curl	Curl	7.6.1	All	All	All
Application	Curl	Curl	7.7	All	All	All
Application	Curl	Curl	7.7.1	All	All	All
Application	Curl	Curl	7.7.2	All	All	All
Application	Curl	Curl	7.7.3	All	All	All
Application	Curl	Curl	7.8	All	All	All
Application	Curl	Curl	7.8.1	All	All	All
Application	Curl	Curl	7.8.2	All	All	All
Application	Curl	Curl	7.9	All	All	All
Application	Curl	Curl	7.9.1	All	All	All
Application	Curl	Curl	7.9.2	All	All	All
Application	Curl	Curl	7.9.3	All	All	All
Application	Curl	Curl	7.9.4	All	All	All
Application	Curl	Curl	7.9.5	All	All	All
Application	Curl	Curl	7.9.6	All	All	All
Application	Curl	Curl	7.9.7	All	All	All
Application	Curl	Curl	7.9.8	All	All	All
Application	Curl	Libcurl	5.11	All	All	All
Application	Curl	Libcurl	7.12	All	All	All
Application	Curl	Libcurl	7.12.1	All	All	All
Application	Curl	Libcurl	7.12.2	All	All	All
Application	Curl	Libcurl	7.12.3	All	All	All
Application	Curl	Libcurl	7.13	All	All	All
Application	Curl	Libcurl	7.13.1	All	All	All
Application	Curl	Libcurl	7.13.2	All	All	All
Application	Curl	Libcurl	7.14	All	All	All
Application	Curl	Libcurl	7.14.1	All	All	All
Application	Curl	Libcurl	7.15	All	All	All
Application	Curl	Libcurl	7.15.1	All	All	All
Application	Curl	Libcurl	7.15.2	All	All	All
Application	Curl	Libcurl	7.15.3	All	All	All
Application	Curl	Libcurl	7.16.3	All	All	All
Application	Curl	Libcurl	7.19.3	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
USN-726-1: curl vulnerability \| Ubuntu	af854a3a-2127-422b-91ae-364da2661108	www.ubuntu.com
cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com	Exploit, Patch
Support	af854a3a-2127-422b-91ae-364da2661108	www.redhat.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf	af854a3a-2127-422b-91ae-364da2661108	www.withdk.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org
Debian -- Security Information -- DSA-1738-1 curl	af854a3a-2127-422b-91ae-364da2661108	www.debian.org
SUSE Update for Multiple Packages - Advisories - Community	af854a3a-2127-422b-91ae-364da2661108	secunia.com
curl: page not found	af854a3a-2127-422b-91ae-364da2661108	curl.haxx.se	Patch, Vendor Advisory
rPath update for curl - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
With DK » Blog Archive » cURL/LibcURL Redirect Arbitrary File Access	af854a3a-2127-422b-91ae-364da2661108	www.withdk.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com	Patch, Vendor Advisory
Slackware update for curl - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
[Security-announce] VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl	af854a3a-2127-422b-91ae-364da2661108	lists.vmware.com
cURL/libcurl HTTP Redirect Processing May Let Remote Users Access Files - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
VMware ESX Server update for udev, sudo, and curl - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Debian update for curl - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org
APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3	af854a3a-2127-422b-91ae-364da2661108	lists.apple.com
Webmail - OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
VMSA-2009-0009	af854a3a-2127-422b-91ae-364da2661108	www.vmware.com
About the security content of Security Update 2010-002 / Mac OS X v10.6.3	af854a3a-2127-422b-91ae-364da2661108	support.apple.com
Gentoo update for curl - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Advisories:rPSA-2009-0042 - rPath Wiki	af854a3a-2127-422b-91ae-364da2661108	wiki.rpath.com
The Slackware Linux Project: Slackware Security Advisories	af854a3a-2127-422b-91ae-364da2661108	slackware.com
Red Hat update for curl - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
cURL/libcURL "Location:" Redirect URLs Security Bypass - Advisories - Community	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
cURL - Security Advisory (March 3, 2009)	af854a3a-2127-422b-91ae-364da2661108	curl.haxx.se	Patch, Vendor Advisory
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:006	af854a3a-2127-422b-91ae-364da2661108	lists.opensuse.org
Gentoo Linux Documentation -- cURL: Arbitrary file access	af854a3a-2127-422b-91ae-364da2661108	security.gentoo.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.