CVE-2018-1000007

Published on: 01/24/2018 12:00:00 AM UTC

Last Modified on: 06/13/2022 07:10:00 PM UTC

CVE-2018-1000007

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Ubuntu Linux from Canonical contain the following vulnerability:

libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.

CVE-2018-1000007 has been assigned by [email protected] to track the vulnerability - currently rated as CRITICAL severity.

CVSS3 Score: 9.8 - CRITICAL

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
NETWORK	LOW	NONE	NONE
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
UNCHANGED	HIGH	HIGH	HIGH

CVSS2 Score: 5 - MEDIUM

Access Vector^ⓘ	Access Complexity	Authentication
NETWORK	LOW	NONE
Confidentiality Impact	Integrity Impact	Availability Impact
PARTIAL	NONE	NONE

CVE References

Description	Tags ^ⓘ	Link
curl - HTTP authentication leak in redirects - CVE-2018-1000007	Patch Vendor Advisory curl.haxx.se text/html	CONFIRM curl.haxx.se/docs/adv_2018-b3bf.html
Red Hat Customer Portal	access.redhat.com text/html	REDHAT RHSA-2019:1543
USN-3554-2: curl vulnerability \| Ubuntu security notices	Third Party Advisory usn.ubuntu.com text/html	UBUNTU USN-3554-2
Red Hat Customer Portal	Third Party Advisory access.redhat.com text/html	REDHAT RHSA-2018:3558
cURL HTTP Redirect Processing May Let Remote Users Obtain Potentially Sensitive Information from Custom Authentication Headers - SecurityTracker	Third Party Advisory VDB Entry www.securitytracker.com text/html	SECTRACK 1040274
Debian -- Security Information -- DSA-4098-1 curl	Third Party Advisory www.debian.org Depreciated Link text/html	DEBIAN DSA-4098
USN-3554-1: curl vulnerabilities \| Ubuntu security notices	Third Party Advisory usn.ubuntu.com text/html	UBUNTU USN-3554-1
[SECURITY] [DLA 1263-1] curl security update	Mailing List Third Party Advisory lists.debian.org text/html	MLIST [debian-lts-announce] 20180129 [SECURITY] [DLA 1263-1] curl security update
Red Hat Customer Portal	Third Party Advisory access.redhat.com text/html	REDHAT RHSA-2018:3157
Red Hat Customer Portal	access.redhat.com text/html	REDHAT RHSA-2020:0544
Red Hat Customer Portal	Third Party Advisory access.redhat.com text/html	REDHAT RHBA-2019:0327
Oracle Critical Patch Update - October 2019	www.oracle.com text/html	MISC www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
oss-security - [SECURITY ADVISORY] curl auth/cookie leak on redirect	www.openwall.com text/html	MLIST [oss-security] 20220427 [SECURITY ADVISORY] curl auth/cookie leak on redirect
Red Hat Customer Portal	access.redhat.com text/html	REDHAT RHSA-2020:0594

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

296082 Oracle Solaris 11.4 Support Repository Update (SRU) 48.126.1 Missing (CPUJUL2022)
710294 Gentoo Linux cURL Multiple Vulnerabilities (GLSA 201804-04)

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Canonical	Ubuntu Linux	12.04	All	All	All
Operating System	Canonical	Ubuntu Linux	14.04	All	All	All
Operating System	Canonical	Ubuntu Linux	16.04	All	All	All
Operating System	Canonical	Ubuntu Linux	17.10	All	All	All
Operating System	Canonical	Ubuntu Linux	12.04	All	All	All
Operating System	Canonical	Ubuntu Linux	14.04	All	All	All
Operating System	Canonical	Ubuntu Linux	16.04	All	All	All
Operating System	Canonical	Ubuntu Linux	17.10	All	All	All
Operating System	Debian	Debian Linux	7.0	All	All	All
Operating System	Debian	Debian Linux	8.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Debian	Debian Linux	7.0	All	All	All
Operating System	Debian	Debian Linux	8.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Hardware	Fujitsu	M10-1	-	All	All	All
Operating System	Fujitsu	M10-1 Firmware	All	All	All	All
Hardware	Fujitsu	M10-4	-	All	All	All
Hardware	Fujitsu	M10-4s	-	All	All	All
Operating System	Fujitsu	M10-4s Firmware	All	All	All	All
Operating System	Fujitsu	M10-4 Firmware	All	All	All	All
Hardware	Fujitsu	M12-1	-	All	All	All
Operating System	Fujitsu	M12-1 Firmware	All	All	All	All
Hardware	Fujitsu	M12-2	-	All	All	All
Hardware	Fujitsu	M12-2s	-	All	All	All
Operating System	Fujitsu	M12-2s Firmware	All	All	All	All
Operating System	Fujitsu	M12-2 Firmware	All	All	All	All
Application	Haxx	Curl	All	All	All	All
Operating System	Redhat	Enterprise Linux Desktop	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Desktop	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	7.4	All	All	All
Operating System	Redhat	Enterprise Linux Server Eus	7.4	All	All	All
Operating System	Redhat	Enterprise Linux Server Eus	7.5	All	All	All
Operating System	Redhat	Enterprise Linux Workstation	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Workstation	7.0	All	All	All

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*:
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*:
cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*:
cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*:
cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*:
cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*:
cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*:
cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*:
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*:
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE