cURL/libcURL CVE-2018-16890 Heap Buffer Overflow Vulnerability
BID:106947
Info
| Bugtraq ID: | 106947 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2018-16890 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 06 2019 12:00AM |
| Updated: | Jul 17 2019 08:00AM |
| Credit: | Wenxiang Qian of Tencent Blade Team |
| Vulnerable: |
- Ubuntu Linux 18.10, 18.04 LTS, 16.04 LTS, 14.04 LTS
- Siemens SINEMA Remote Connect Client 1.0
- Red Hat Software Collections for RHEL
- Oracle Services Tools Bundle 19.2
- Oracle MySQL Server 8.0.11, 8.0.12, 8.0.13, 8.0.14, 8.0.15
- Oracle MySQL Server 5.7, 5.7.12, 5.7.15, 5.7.16, 5.7.17, 5.7.18, 5.7.19, 5.7.20, 5.7.21, 5.7.22, 5.7.23, 5.7.24, 5.7.25, 5.7.26
- Oracle Enterprise Manager Ops Center 12.3.3, 12.4
- NetApp Clustered Data ONTAP
- Haxx Libcurl 7.36, 7.37.0, 7.37.1, 7.38.0, 7.39, 7.4, 7.4.1, 7.4.2, 7.40.0, 7.41.0, 7.42.0, 7.42.1, 7.43, 7.46, 7.47, 7.48.0, 7.49.0, 7.5.1, 7.5.2, 7.50, 7.50.1, 7.50.2, 7.50.3, 7.51, 7.52, 7.52.1, 7.53, 7.53.1, 7.54, 7.54.1, 7.55.0, 7.55.1, 7.56, 7.56.1, 7.57, 7.58, 7.59, 7.6, 7.6.1, 7.60, 7.61, 7.61.1, 7.62, 7.63
- Haxx Curl 7.36, 7.37.1, 7.38.0, 7.39.0, 7.40.0, 7.41.0, 7.42.0, 7.42.1, 7.43, 7.45, 7.46, 7.47, 7.48.0, 7.49.0, 7.50, 7.50.1, 7.50.3, 7.51, 7.52, 7.52.1, 7.53, 7.53.1, 7.54, 7.54.1, 7.55, 7.55.1, 7.56, 7.56.1, 7.57.0, 7.58, 7.59, 7.6, 7.6.1, 7.60, 7.61, 7.61.1, 7.62, 7.63.0
| Not Vulnerable: | Siemens SINEMA Remote Connect Client 2.0 HF1; Haxx Curl 7.64.0 |
Discussion
cURL/libcURL is prone to a heap-based out-of-bounds read in its NTLM authentication code (reported here as a heap buffer overflow; the curl advisory referenced below describes it as an out-of-bounds buffer read). The function that decodes an incoming NTLM type-2 (challenge) message, ntlm_decode_type2_target in lib/vauth/ntlm.c, validates the target-info offset and length carried in the message with a size check that is subject to integer overflow: the 32-bit offset plus the 16-bit length can wrap to a small value, so a combination that points far outside the received message still passes the check and libcurl then reads past the end of the heap buffer holding the message.
Because the type-2 message comes from the server side of the NTLM exchange, the attacker is a malicious or compromised NTLM server (or someone able to impersonate one) that the client authenticates to. Exploiting this issue can crash the client, causing a denial-of-service condition, or disclose sensitive information from heap memory.
cURL/libcURL from 7.36.0 through 7.63.0 are vulnerable; 7.64.0 is not.
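The check at the heart of this bug, as an added example that is not code from this page or from the curl project: a hypothetical reconstruction in C of the size check on the NTLM type-2 target-info fields, in its pre-fix shape (a 32-bit offset plus a 16-bit length, where the sum can wrap) and its post-fix shape (the offset is rejected on its own before anything is added to it). The field positions (Len at byte 40, MaxLen at 42, BufferOffset at 44, 48-byte fixed part) follow the NTLMSSP CHALLENGE_MESSAGE layout; the function and macro names and the two constructed messages are this example's own assumptions, and the pre-fix check is never allowed to drive a real copy, so the program runs safely.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TargetInfo fields of an NTLMSSP CHALLENGE (type-2) message: Len (u16 LE) at
 * byte 40, MaxLen (u16 LE) at 42, BufferOffset (u32 LE) at 44; 48-byte header. */
#define T2_INFO_LEN_OFF    40
#define T2_INFO_OFFSET_OFF 44
#define T2_HEADER_LEN      48

static uint16_t read16_le(const unsigned char *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t read32_le(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Pre-fix shape of the check (hypothetical reconstruction, not libcurl's code).
 * offset is a 32-bit wire value and len a 16-bit one, so offset + len is
 * evaluated in 32-bit unsigned arithmetic and wraps when offset is near
 * UINT32_MAX; the wrapped sum then looks as if it lies inside the message. */
bool target_info_check_vulnerable(uint32_t offset, uint16_t len, size_t type2len)
{
    uint32_t end = offset + len;            /* may wrap to a small value */
    return !(end > type2len || offset < T2_HEADER_LEN);
}

/* Post-fix shape: reject an out-of-range offset on its own before adding
 * anything to it, and add in size_t so the sum cannot wrap. */
bool target_info_check_fixed(uint32_t offset, uint16_t len, size_t type2len)
{
    if (offset > type2len)                  /* the added condition */
        return false;
    if ((size_t)offset + len > type2len)    /* no wrap: offset <= type2len */
        return false;
    return offset >= T2_HEADER_LEN;
}

/* Build a constructed type-2 message: 48-byte header, then payload_len bytes
 * of 'A' as target info. Only the fields this example reads are populated.
 * Returns the total length, or 0 if cap is too small. */
size_t build_type2(unsigned char *buf, size_t cap, uint16_t info_len,
                   uint32_t info_offset, size_t payload_len)
{
    size_t total = T2_HEADER_LEN + payload_len;
    if (cap < total)
        return 0;
    memset(buf, 0, total);
    memcpy(buf, "NTLMSSP", 8);              /* signature, NUL included */
    buf[8] = 2;                             /* MessageType = CHALLENGE */
    buf[T2_INFO_LEN_OFF]     = (unsigned char)(info_len & 0xff);
    buf[T2_INFO_LEN_OFF + 1] = (unsigned char)(info_len >> 8);
    buf[T2_INFO_LEN_OFF + 2] = buf[T2_INFO_LEN_OFF];      /* MaxLen = Len */
    buf[T2_INFO_LEN_OFF + 3] = buf[T2_INFO_LEN_OFF + 1];
    for (int i = 0; i < 4; i++)
        buf[T2_INFO_OFFSET_OFF + i] = (unsigned char)(info_offset >> (8 * i));
    memset(buf + T2_HEADER_LEN, 'A', payload_len);
    return total;
}

/* Does the pre-fix check accept this message? No copy is made here: with a
 * crafted message the original code would go on to read from type2 + offset,
 * far outside the heap buffer holding the message. */
bool type2_passes_old_check(const unsigned char *type2, size_t type2len)
{
    if (type2len < T2_HEADER_LEN)
        return false;
    return target_info_check_vulnerable(read32_le(type2 + T2_INFO_OFFSET_OFF),
                                        read16_le(type2 + T2_INFO_LEN_OFF), type2len);
}

/* Hardened decoder: copies the target info out only after the fixed check.
 * Returns the number of bytes copied, or -1 if the message is rejected. */
int decode_type2_target(const unsigned char *type2, size_t type2len,
                        unsigned char *out, size_t outcap)
{
    if (type2len < T2_HEADER_LEN)
        return -1;
    uint16_t len = read16_le(type2 + T2_INFO_LEN_OFF);
    uint32_t off = read32_le(type2 + T2_INFO_OFFSET_OFF);
    if (!target_info_check_fixed(off, len, type2len) || len > outcap)
        return -1;
    memcpy(out, type2 + off, len);          /* in bounds: off + len <= type2len */
    return (int)len;
}

/* Two constructed 64-byte messages. Benign: offset 48, length 16. Crafted:
 * offset 0xFFFFFFF0, length 0x20, whose 32-bit sum wraps to 0x10 (< 64). */
bool old_check_accepts_benign(void)  { unsigned char m[64]; return type2_passes_old_check(m, build_type2(m, 64, 16, T2_HEADER_LEN, 16)); }
bool old_check_accepts_crafted(void) { unsigned char m[64]; return type2_passes_old_check(m, build_type2(m, 64, 0x20, 0xFFFFFFF0u, 16)); }
int  fixed_result_benign(void)  { unsigned char m[64], o[64]; return decode_type2_target(m, build_type2(m, 64, 16, T2_HEADER_LEN, 16), o, 64); }
int  fixed_result_crafted(void) { unsigned char m[64], o[64]; return decode_type2_target(m, build_type2(m, 64, 0x20, 0xFFFFFFF0u, 16), o, 64); }

int main(void)
{
    printf("benign : old check %s, hardened decoder returns %d\n",
           old_check_accepts_benign() ? "accepts" : "rejects", fixed_result_benign());
    printf("crafted: old check %s, hardened decoder returns %d\n",
           old_check_accepts_crafted() ? "accepts" : "rejects", fixed_result_crafted());
    return 0;
}
```

The benign message passes both checks and the hardened decoder copies its 16 bytes; the crafted message passes the pre-fix check (the wrapped sum 0x10 is "inside" a 64-byte message) but is rejected by the fixed one because its offset alone exceeds the message length. The general lesson is the one the fix applies: validate each wire-supplied field against the buffer before combining it with another, and do any combination in a type wide enough that the sum cannot wrap.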
Exploit / POC
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Updates are available. Upgrade to curl/libcurl 7.64.0 or later, or apply the upstream fix ("NTLM: fix size check condition for type2 received data", referenced below). Distribution packages such as those covered by Ubuntu USN-3882-1 and Debian DSA-4386-1 carry backported fixes that keep the older upstream version string, so check the package changelog or the vendor advisory rather than the version number alone. Only clients that perform NTLM authentication against a server reach the affected code; until patched, avoid NTLM authentication to untrusted servers. Please see the references or vendor advisory for more information.
References
References:
- cURL Home Page (cURL)
- February 2019 curl/libcurl Vulnerabilities in NetApp Products (NetApp)
- NTLM: fix size check condition for type2 received data (Github)
- Red Hat Bugzilla: Bug 1670252 (Red Hat Bugzilla)
- USN-3882-1: curl vulnerabilities (Ubuntu)
- Advisory (ICSA-19-099-04) (ICS CERT)
- CVE-2018-16890 (Red Hat)
- DSA-4386-1 curl -- security update (Debian)
- NTLM type-2 out-of-bounds buffer read (Haxx)
- Oracle Critical Patch Update Advisory - July 2019 (Oracle)
- SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect (Siemens)