PT-2015-6075 · Curl+4 · Libcurl+5

Hanno Böck

Publicado

2015-04-22

Atualizado

2024-06-15

CVE-2015-3144

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions cURL and libcurl versions 7.37.0 through 7.41.0

Description The issue arises from the fix hostname() function, which fails to properly handle a zero-length host name in a URL, such as "http://:80" or ":80". This can lead to an out-of-bounds read or write and cause a denial of service (crash). The function incorrectly indexes the hostname pointer with a -1 offset when encountering a zero-length hostname, potentially resulting in a crash or other unspecified impacts.

Recommendations For cURL and libcurl versions 7.37.0 through 7.41.0, consider avoiding the use of URLs with zero-length hostnames until a patch is available. As a temporary workaround, restrict the input to the fix hostname() function to prevent zero-length hostnames from being processed.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-124CWE-119

Identificadores relacionados

ALT-PU-2015-1396

CVE-2015-3144

DSA-3232-1

OPENSUSE-SU-2024:10303-1

SUSE-SU-2015:0990-1

USN-2591-1

Produtos afetados

Alt Linux

Junos

Suse

Ubuntu

Curl

Libcurl

PT-2015-6075 · Curl+4 · Libcurl+5

CVE-2015-3144

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 72