Lucene search

MitreCVE-2017-1000101

HistoryOct 05, 2017 - 1:29 a.m.

CVE-2017-1000101

2017-10-0501:29:04

CWE-119

mitre

web.nvd.nist.gov

128

cve-2017-1000101

curl

globbing

url

heap buffer

security vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0.003

Percentile

71.0%

JSON

curl supports “globbing” of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be http://ur%20[0-60000000000000000000.

Affected configurations

Nvd

Node

haxxcurlMatch7.4.1

haxxcurlMatch7.35.0

haxxcurlMatch7.36.0

haxxcurlMatch7.37.0

haxxcurlMatch7.37.1

haxxcurlMatch7.38.0

haxxcurlMatch7.39.0

haxxcurlMatch7.40.0

haxxcurlMatch7.41.0

haxxcurlMatch7.42.0

haxxcurlMatch7.42.1

haxxcurlMatch7.43.0

haxxcurlMatch7.44.0

haxxcurlMatch7.45.0

haxxcurlMatch7.46.0

haxxcurlMatch7.47.0

haxxcurlMatch7.47.1

haxxcurlMatch7.48.0

haxxcurlMatch7.49.0

haxxcurlMatch7.49.1

haxxcurlMatch7.50.0

haxxcurlMatch7.50.1

haxxcurlMatch7.50.2

haxxcurlMatch7.50.3

haxxcurlMatch7.51.0

haxxcurlMatch7.52.0

haxxcurlMatch7.52.1

haxxcurlMatch7.53.0

haxxcurlMatch7.53.1

haxxcurlMatch7.54.0

haxxcurlMatch7.54.1

haxxcurlMatch7.55.0

VendorProductVersionCPE
haxxcurl7.4.1cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*
haxxcurl7.35.0cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*
haxxcurl7.36.0cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*
haxxcurl7.37.0cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*
haxxcurl7.37.1cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*
haxxcurl7.38.0cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*
haxxcurl7.39.0cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*
haxxcurl7.40.0cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*
haxxcurl7.41.0cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*
haxxcurl7.42.0cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
haxx	curl	7.4.1	cpe:2.3:a:haxx:curl:7.4.1:::::::*
haxx	curl	7.35.0	cpe:2.3:a:haxx:curl:7.35.0:::::::*
haxx	curl	7.36.0	cpe:2.3:a:haxx:curl:7.36.0:::::::*
haxx	curl	7.37.0	cpe:2.3:a:haxx:curl:7.37.0:::::::*
haxx	curl	7.37.1	cpe:2.3:a:haxx:curl:7.37.1:::::::*
haxx	curl	7.38.0	cpe:2.3:a:haxx:curl:7.38.0:::::::*
haxx	curl	7.39.0	cpe:2.3:a:haxx:curl:7.39.0:::::::*
haxx	curl	7.40.0	cpe:2.3:a:haxx:curl:7.40.0:::::::*
haxx	curl	7.41.0	cpe:2.3:a:haxx:curl:7.41.0:::::::*
haxx	curl	7.42.0	cpe:2.3:a:haxx:curl:7.42.0:::::::*