FreeBSD: B8E361B8-B7FF-11DA-8414-0013D4A4A40E
Mar 20, 2006 - 12:00 a.m.

curl -- TFTP packet buffer overflow vulnerability

2006-03-20 00:00:00
vuxml.freebsd.org

CVSS2: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.03 Low
Percentile: 90.9%

A Project cURL Security Advisory reports:

libcurl uses the given file part of a TFTP URL in a manner that
allows a malicious user to overflow a heap-based memory buffer due
to the lack of boundary check.

This overflow happens if you pass in a URL with a TFTP
protocol prefix (“tftp://”), using a valid host and a path
part that is longer than 512 bytes.

The affected flaw can be triggered by a redirect, if
curl/libcurl is told to follow redirects and an HTTP
server points the client to a tftp URL with the
characteristics described above.
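
The missing boundary check the advisory describes, shown as an added example of a bounded TFTP read-request builder; this is not libcurl's code or its actual fix. The function name tftp_build_rrq, the 516-byte buffer size and the sample file names are assumptions made for illustration; the packet layout follows RFC 1350.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TFTP_OP_RRQ  1    /* RFC 1350 read-request opcode */
#define TFTP_PKT_MAX 516  /* assumed buffer: 4-byte header + 512-byte block */

/* Build a TFTP read request (opcode | filename | NUL | mode | NUL) in pkt.
 * Returns the packet length, or -1 when the request does not fit. */
int tftp_build_rrq(uint8_t *pkt, size_t pkt_size,
                   const char *filename, const char *mode)
{
    size_t flen, mlen;

    if (!pkt || !filename || !mode || pkt_size < 4)
        return -1;
    flen = strlen(filename);
    mlen = strlen(mode);

    /* The boundary check: 2 opcode bytes + filename + NUL + mode + NUL must
     * fit. Written as subtractions so a huge length cannot wrap around. */
    if (flen == 0 || flen > pkt_size - 4 || mlen > pkt_size - 4 - flen)
        return -1;

    pkt[0] = 0;
    pkt[1] = TFTP_OP_RRQ;
    memcpy(pkt + 2, filename, flen + 1);        /* copies the NUL too */
    memcpy(pkt + 2 + flen + 1, mode, mlen + 1);
    return (int)(2 + flen + 1 + mlen + 1);
}

int main(void)
{
    uint8_t pkt[TFTP_PKT_MAX];
    char longname[601];                         /* constructed sample input */

    memset(longname, 'a', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';
    printf("short name: %d\n",
           tftp_build_rrq(pkt, sizeof pkt, "boot.img", "octet"));
    printf("600-byte name: %d\n",
           tftp_build_rrq(pkt, sizeof pkt, longname, "octet"));
    return 0;
}
```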

OS       Version  Architecture  Package     Version   Filename
FreeBSD  any      noarch        curl        < 7.15.3  UNKNOWN
FreeBSD  any      noarch        linux-curl  < 7.15.3  UNKNOWN
