exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 26108

Secunia Security Advisory 26108
Posted Jul 19, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for curl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, ubuntu
SHA-256 | ed53451757b1f14bc2199b0962ed4a30d1ccea0c0be371f0a688764f3ae08219

Secunia Security Advisory 26108

Change Mirror Download


----------------------------------------------------------------------

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Full Featured Secunia Network Software Inspector (NSI) is now
available:
http://secunia.com/network_software_inspector/

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.

----------------------------------------------------------------------

TITLE:
Ubuntu update for curl

SECUNIA ADVISORY ID:
SA26108

VERIFY ADVISORY:
http://secunia.com/advisories/26108/

CRITICAL:
Less critical

IMPACT:
Security Bypass

WHERE:
>From remote

OPERATING SYSTEM:
Ubuntu Linux 6.06
http://secunia.com/product/10611/
Ubuntu Linux 6.10
http://secunia.com/product/12470/
Ubuntu Linux 7.04
http://secunia.com/product/14068/

DESCRIPTION:
Ubuntu has issued an update for curl. This fixes a security issue,
which can be exploited by malicious people to bypass certain security
restrictions.

For more information:
SA26104

SOLUTION:
Apply updated packages.

-- Ubuntu 6.06 LTS --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1.diff.gz
Size/MD5: 1832253495d3c1b7b0f9812ff978832c31d8f9
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1.dsc
Size/MD5: 93853a58f1db4d0112f1260c78d275c0aab
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1.orig.tar=2Egz
Size/MD5: 176999263be206109486d4653c73823aa2b34fa

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.1-1ubuntu2.1_all.deb
Size/MD5: 30978acb278121d48167cb0f3e9db406008b5

amd64 architecture (Athlon64, Opteron, EM64TXeon)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_amd64.deb
Size/MD5: 1692708fd332bf91134007ceaf24da11708ccf
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_amd64.deb
Size/MD5: 5401605673d9d6fcf82116353c6852a8416f90
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_amd64.deb
Size/MD5: 716182ec0bda4317f51ad725862516675eed6e
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_amd64.deb
Size/MD5: 1674325876792ccc569ddcbc436113dd611beb
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_amd64.deb
Size/MD5: 72308821274f88ab48e9821fc33985abbb07f7
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_amd64.deb
Size/MD5: 172480e43c732e1e6d540f7b43218c5b86e9c9

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_i386.deb
Size/MD5: 16813469ac42a25f62527aa840944cc901bc10
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_i386.deb
Size/MD5: 50633676d27984aaa318f56d9067a0d19fa5c1
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_i386.deb
Size/MD5: 6997345e49df506a1adcff171f01fb8d434c9f
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_i386.deb
Size/MD5: 1600523b0c0cb10c664372254f40549a166d02
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_i386.deb
Size/MD5: 7040148fcd4f08a3e43688955a83bafc3ff3f7
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_i386.deb
Size/MD5: 164924616bf253b7a11307a2286011a506ce35

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_powerpc.deb
Size/MD5: 17180067ec27bc7cbed2aa5008f6a352911d3c
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_powerpc.deb
Size/MD5: 54129423e8698d68d7f6552b4e14be50621a06
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_powerpc.deb
Size/MD5: 722380e3e939692fc21f1c84b7d8bb47cbfefd
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_powerpc.deb
Size/MD5: 169640b9e35693d65476da2c171c38a1705781
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_powerpc.deb
Size/MD5: 728238ccba1d1a54f1e655b404c3ab554d355f
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_powerpc.deb
Size/MD5: 17428430c380963c37ccff4635b46e431f0c40

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_sparc.deb
Size/MD5: 16895211e523b5ea0a6a8ed122022938f2d1e3
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_sparc.deb
Size/MD5: 509942656036d90a8029426d9dd5fa80f517c6
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_sparc.deb
Size/MD5: 709192de1d0d8efeccde3a6b52bf2bd3e514cf
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_sparc.deb
Size/MD5: 1626025e14a206a09a7ddc3595289c1a35c1b8
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_sparc.deb
Size/MD5: 713824ceeb282e90f8c6b80d89bc3e9327c783
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_sparc.deb
Size/MD5: 166782da0a4c662e98a1f6259da2938b9f8eef

-- Ubuntu 6.10 --

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2.diff.gz
Size/MD5: 19451625518d2bbd325db46f7ad4b8debb602
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2.dsc
Size/MD5: 942cb3054669cfaa0c51fd757c7a44a3fc7
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4.orig.tar=2Egz
Size/MD5: 1870439345f407f85bcb36075bc298afe1de953

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.4-1ubuntu2.2_all.deb
Size/MD5: 211362b95b5bbaa86a48b91c8d87a705524f2

amd64 architecture (Athlon64, Opteron, EM64TXeon)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_amd64.deb
Size/MD5: 16242611806b9335aafa82394377a74f3d65ea
http://security.ubuntu.com/ubuntu/pool/main/c/curl
/libcurl3-dbg_7.15.4-1ubuntu2.2_amd64.deb
Size/MD5: 823074c11ddf6ce511e4809288377ca4aa86a7
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_amd64.deb
Size/MD5: 75491604724c0ed915bcbde748bfacf10a67f8
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_amd64.deb
Size/MD5: 1631323785598197c9679a1d91fe8837a060d3
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_amd64.deb
Size/MD5: 762206966aa201d7b17f6a87203f653eb4129d
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_amd64.deb
Size/MD5: 1687764a6f82f361c1d22dce1f0f9b0de40470

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_i386.deb
Size/MD5: 162164c07e1caeed913625260853ffdfbb8292
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.4-1ubuntu2.2_i386.deb
Size/MD5: 79376045fafcd13f0811bd18d60ab88d36cd84

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_i386.deb
Size/MD5: 7403920586b53f280bd090412b2eedd2d05c93
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_i386.deb
Size/MD5: 1603587cf3f3ec250428f231e4f7e51bb995b2
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_i386.deb
Size/MD5: 7468862660f92e5102ba65063641684c4f9974
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_i386.deb
Size/MD5: 165236ff76d9c64e8dd24a459b36db41676d45

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_powerpc.deb
Size/MD5: 16510257061fd7b192ceea122997ee2bf27213
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.4-1ubuntu2.2_powerpc.deb
Size/MD5: 834210efd1b06827be6eab2561865a3408ff0c
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_powerpc.deb
Size/MD5: 762694d352501e7b5c265e0ce6c85c2719f1a5
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_powerpc.deb
Size/MD5: 167004c7cd2b73b3f64c882a0715de14ed2450
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_powerpc.deb
Size/MD5: 768164093a76af0add856e798c6daa08264bbe
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_powerpc.deb
Size/MD5: 1718107776d430c0a5dbedd07e9a1ce551600f

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_sparc.deb
Size/MD5: 162060918b2cadf93b5db7325316ccd335e937
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.4-1ubuntu2.2_sparc.deb
Size/MD5: 782900bf43ee4867468402d58554cfc2dce35f
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_sparc.deb
Size/MD5: 746044c9e6206f8bd3856c27a43953f98ae08b
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_sparc.deb
Size/MD5: 158508d0bda91940feb11e3d5193b3ab5c11ee
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_sparc.deb
Size/MD5: 752404723a03cc344739a4a76ac93aa54c7413
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_sparc.deb
Size/MD5: 163744f3bb65fc94b8421eae7c0980f76b7cec

-- Ubuntu 7.04 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1.diff.gz
Size/MD5: 1995974448240e99df445a95c3dfc9a5fedfa
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1.dsc
Size/MD5: 1017e5ac62cfcd246daa79c8ea31fe1873d0
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5.orig.tar=2Egz
Size/MD5: 189797361997c0d852d38c3a85b445f4fc02892

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.5-1ubuntu2.1_all.deb
Size/MD5: 2308666ff60f3a9606bfcbd9161555ba98ffd

amd64 architecture (Athlon64, Opteron, EM64TXeon)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_amd64.deb
Size/MD5: 164778a60ca725ef39a67311e1cf625182dd70
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_amd64.deb
Size/MD5: 8333623b2afe676373e1590e739d51e1a2effa
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_amd64.deb
Size/MD5: 76930246e4ce27971b0085e4e9b8621ac78325
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_amd64.deb
Size/MD5: 16657247c34f6db4f6ac2e279f431dfa43f919
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_amd64.deb
Size/MD5: 774430724da4b31b2af0e494587ea67e627c05
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_amd64.deb
Size/MD5: 1719223740c0419c27f58699ad0cbf1f62bc9d

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_i386.deb
Size/MD5: 1636249b363c065850cdc5de4c0c2c8d577c8e
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_i386.deb
Size/MD5: 80341461aebe04fe304b8071dc3e3c6d599f54
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_i386.deb
Size/MD5: 75498246d39efe3b3cf381fa9768b206907561
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_i386.deb
Size/MD5: 1636889aa531b89e7a91c7dd423f61b6d1e9ea
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_i386.deb
Size/MD5: 7616267ca1a3498af64e00a0b14d475c318cf6
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_i386.deb
Size/MD5: 168614c8847b248ea0a07c2880a39e8c273b24

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_powerpc.deb
Size/MD5: 168188fba30c479bb726600efbbe247dacdfcc
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_powerpc.deb
Size/MD5: 8462240e24e1e334bb9a9c2307a5dc06a4ea73
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_powerpc.deb
Size/MD5: 774878f608fffc2d89b530081ea487edc4f023
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_powerpc.deb
Size/MD5: 173086c88e11092d9204a6a80e23100a9e02d3
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_powerpc.deb
Size/MD5: 78307290e2eadef1e4e2073dd5db9b4a1b0bfb
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_powerpc.deb
Size/MD5: 178630089d0eda4d96a7049a019e381d098ab3

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_sparc.deb
Size/MD5: 16432412f65aeaeb95a0b15e68b2f98694cf94
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_sparc.deb
Size/MD5: 795758a20f9a4bbc35483e8e54f278759f1015
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_sparc.deb
Size/MD5: 76078633ae03fb796e3048bb092b54fbad9814
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_sparc.deb
Size/MD5: 161990ca9d9ddf030b10d33cf71bd9bacde2cf
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_sparc.deb
Size/MD5: 767010f20906df0712ffe167ac6dffb14137f5
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_sparc.deb
Size/MD5: 167104fcef10350591f8799ccc2ff9f77b9035

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-484-1

OTHER REFERENCES:
SA26104:
http://secunia.com/advisories/26104/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close