exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

CVE-2017-1000257

Status Candidate

Overview

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.

Related Files

Red Hat Security Advisory 2018-3558-01
Posted Nov 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3558-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, null pointer, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9586, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-15710, CVE-2017-15715, CVE-2017-7407, CVE-2017-8816, CVE-2017-8817, CVE-2018-1000007
MD5 | 516f51a00fc5765270c849817fc3f4b4
Red Hat Security Advisory 2018-2486-01
Posted Aug 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2486-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include buffer overflow, heap overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-0718, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9598, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-6004, CVE-2017-7186, CVE-2017-7244, CVE-2017-7245, CVE-2017-7246, CVE-2018-0500
MD5 | 4ed8879f71a593f7de2299931bf8ea6f
Gentoo Linux Security Advisory 201712-04
Posted Dec 15, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201712-4 - Multiple vulnerabilities have been found in cURL, the worst of which may allow execution of arbitrary code. Versions less than 7.57.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-1000254, CVE-2017-1000257, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818
MD5 | 6d78a3a66d6ef06d18a2e705bf7acedd
Red Hat Security Advisory 2017-3263-01
Posted Nov 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3263-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an unsuspecting user into connecting to a malicious IMAP server, an attacker could exploit this flaw to potentially cause information disclosure or crash the application.

tags | advisory, web, overflow, imap, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2017-1000257
MD5 | 86651d87af714f9843e058e1d4dfe44c
Ubuntu Security Notice USN-3441-2
Posted Oct 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3441-2 - USN-3441-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. A Daniel Stenberg discovered that curl incorrectly handled large A floating point output. A remote attacker could use this issue to cause A curl to crash, resulting in a denial of service, or possibly execute A arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9586, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-7407
MD5 | 760c2b6698f663e2ef5f890cf50af9ce
Ubuntu Security Notice USN-3457-1
Posted Oct 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3457-1 - Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2017-1000257
MD5 | 4e6800eeae059ac1675f3796efc281e4
Page 1 of 1
Back1Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    2 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close