cURL/libcURL 'tailmatch()' Function Information Disclosure Vulnerability
BID:59058
Info
| Bugtraq ID: | 59058 |
| Class: | Design Error |
| CVE: | CVE-2013-1944 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 12 2013 12:00AM |
| Updated: | Jul 29 2016 06:00PM |
| Credit: | YAMADA Yasuharu |
| Vulnerable: | Ubuntu Ubuntu Linux 8.04 LTS sparc; Ubuntu Ubuntu Linux 8.04 LTS powerpc; Ubuntu Ubuntu Linux 8.04 LTS lpia; Ubuntu Ubuntu Linux 8.04 LTS i386; Ubuntu Ubuntu Linux 8.04 LTS amd64; Ubuntu Ubuntu Linux 12.10 i386; Ubuntu Ubuntu Linux 12.10 amd64; Ubuntu Ubuntu Linux 12.04 LTS i386; Ubuntu Ubuntu Linux 12.04 LTS amd64; Ubuntu Ubuntu Linux 11.10 i386; Ubuntu Ubuntu Linux 11.10 amd64; Ubuntu Ubuntu Linux 10.04 sparc; Ubuntu Ubuntu Linux 10.04 powerpc; Ubuntu Ubuntu Linux 10.04 i386; Ubuntu Ubuntu Linux 10.04 ARM; Ubuntu Ubuntu Linux 10.04 amd64; Redhat Enterprise Linux Workstation 6; Redhat Enterprise Linux Server 6; Redhat Enterprise Linux HPC Node Optional 6; Redhat Enterprise Linux HPC Node 6; Redhat Enterprise Linux Desktop Workstation 5 client; Redhat Enterprise Linux Desktop Optional 6; Redhat Enterprise Linux Desktop 6; Redhat Enterprise Linux Desktop 5 client; Redhat Enterprise Linux 5 Server; Oracle VM Server for x86 3.4; Oracle VM Server for x86 3.3; Oracle VM Server for x86 3.2; Oracle Solaris 11.1; Oracle Enterprise Linux 6.2; Oracle Enterprise Linux 6; Mandriva Business Server 1 X86 64; Mandriva Business Server 1; MandrakeSoft Enterprise Server 5 x86_64; MandrakeSoft Enterprise Server 5; Gentoo Linux; Debian Linux 6.0 sparc; Debian Linux 6.0 s/390; Debian Linux 6.0 powerpc; Debian Linux 6.0 mips; Debian Linux 6.0 ia-64; Debian Linux 6.0 ia-32; Debian Linux 6.0 arm; Debian Linux 6.0 amd64; Daniel Stenberg curl 7.20; Daniel Stenberg curl 7.2.1; Daniel Stenberg curl 7.2; Daniel Stenberg curl 7.29.0; Daniel Stenberg curl 7.28.1; Daniel Stenberg curl 7.28.0; Daniel Stenberg curl 7.27.0; Daniel Stenberg curl 7.26.0; Daniel Stenberg curl 7.24.0; Daniel Stenberg curl 7.23.1; Daniel Stenberg curl 7.21.7; Daniel Stenberg curl 7.21.6; Daniel Stenberg curl 7.20.2; Daniel Stenberg curl 7.20.1; CentOS CentOS 6; Avaya Voice Portal 5.0; Avaya Proactive Contact 5.0; Avaya one-X Client Enablement Services 6.0; Avaya Meeting Exchange 5.0; Avaya IQ 5; Avaya IP Office Server Edition 8.0; Avaya IP Office Application Server 8.0; Avaya Communication Server 1000M Signaling Server 7.0; Avaya Communication Server 1000M Signaling Server 6.0; Avaya Communication Server 1000M 7.0; Avaya Communication Server 1000M 6.0; Avaya Communication Server 1000E 7.0; Avaya Communication Server 1000E 6.0; Avaya CMS r17; Avaya Aura System Platform 6.0; Avaya Aura System Platform 1.0; Avaya Aura System Manager 6.0; Avaya Aura System Manager 5.0; Avaya Aura Session Manager 6.0; Avaya Aura Session Manager 5.0; Avaya Aura Session Manager 1.0; Avaya Aura Presence Services 6.0; Avaya Aura Messaging 6.0; Avaya Aura Experience Portal 6.0; Avaya Aura Conferencing 7.0; Avaya Aura Communication Manager Utility Services 6.0; Avaya Aura Communication Manager 5.2; Avaya Aura Communication Manager 6.0; Avaya Aura Application Server 5300 SIP Core 3.0; Avaya Aura Application Server 5300 SIP Core 2.0; Avaya Aura Application Enablement Services 6.0; Avaya Aura Application Enablement Services 5.0; Apple Mac OS X 10.8.5 |
| Not Vulnerable: | Oracle Solaris 11.1.18.5.0; Daniel Stenberg curl 7.30; Apple Mac OS X 10.9 |
Discussion
cURL/libcURL is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Versions prior to cURL/libcURL 7.30.0 are vulnerable.
Exploit / POC
Attackers can use a browser to exploit this issue.
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
MandrakeSoft Enterprise Server 5 x86_64
- Mandriva curl-7.19.0-2.6mdvmes5.2.x86_64.rpm (http://www.mandriva.com/en/downloads/)
- Mandriva curl-examples-7.19.0-2.6mdvmes5.2.x86_64.rpm (http://www.mandriva.com/en/downloads/)
- Mandriva lib64curl-devel-7.19.0-2.6mdvmes5.2.x86_64.rpm (http://www.mandriva.com/en/downloads/)
- Mandriva lib64curl4-7.19.0-2.6mdvmes5.2.x86_64.rpm (http://www.mandriva.com/en/downloads/)
MandrakeSoft Enterprise Server 5
- Mandriva curl-7.19.0-2.6mdvmes5.2.i586.rpm (http://www.mandriva.com/en/downloads/)
- Mandriva curl-examples-7.19.0-2.6mdvmes5.2.i586.rpm (http://www.mandriva.com/en/downloads/)
- Mandriva libcurl-devel-7.19.0-2.6mdvmes5.2.i586.rpm (http://www.mandriva.com/en/downloads/)
- Mandriva libcurl4-7.19.0-2.6mdvmes5.2.i586.rpm (http://www.mandriva.com/en/downloads/)
References
References:
- cURL Home Page (cURL)
- CVE-2013-1944 Information Disclosure vulnerability in libcurl (Oracle)
- libcurl cookie domain tailmatch (YAMADA Yasuharu)
- curl security update (RHSA-2013-0771) (Avaya)
- Oracle VM Server for x86 Bulletin - July 2016 (Oracle)
- Wind River WIND00415960 (Wind River)
- Wind River Linux curl Security Update (WIND00415960) (Avaya Inc)