CVE-2015-3237
https://notcve.org/view.php?id=CVE-2015-3237
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. La función smb_request_state en cURL y libcurl 7.40.0 hasta 7.42.1 permite a servidores SMB remotos obtener información sensible de la memoria o causar una denegación de servicio (lectura fuera de rango y caída) a través de valores de longitud y desplazamiento manipulados. • http://curl.haxx.se/docs/adv_20150617B.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/75387 http://www.securityfocus.com/bid/91787 http://www.securitytracker.com/id/1036371 https://h20566.www2.hpe.com • CWE-20: Improper Input Validation •
CVE-2015-3153
https://notcve.org/view.php?id=CVE-2015-3153
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents. La configuración por defecto para cURL y libcurl anterior a 7.42.1 envía cabeceras HTTP personalizadas tanto al servidor proxy como al de destinación, lo que podría permitir a servidores proxy remotos obtener información sensible mediante la lectura de los contenidos de cabeceras. • http://curl.haxx.se/docs/adv_20150429.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00017.html http://www.debian.org/security/2015/dsa-3240 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.oracle.com/technetwork/topics/security/cpu • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-3144
https://notcve.org/view.php?id=CVE-2015-3144
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80." La función fix_hostname en cURL y libcurl 7.37.0 hasta 7.41.0 no calcula correctamente un indice, lo que permite a atacantes remotos causar una denegación de servicio (lectura o escritura fuera de rango y caída) o posiblemente tener otro impacto no especificado a través de un nombre de anfitrión de longitud cero, tal y como fue demostrado por 'http://:80' y ':80.' • http://curl.haxx.se/docs/adv_20150422D.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3145
https://notcve.org/view.php?id=CVE-2015-3145
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. La función sanitize_cookie_path en cURL y libcurl 7.31.0 hasta 7.41.0 no calcula correctamente un indice, lo que permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango y caída) o posiblemente tener otro impacto no especificado a través de una ruta de cookie que contiene solamente un carácter de comillas dobles. • https://github.com/serz999/CVE-2015-3145 http://advisories.mageia.org/MGASA-2015-0179.html http://curl.haxx.se/docs/adv_20150422C.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3143 – curl: re-using authenticated connection when unauthenticated
https://notcve.org/view.php?id=CVE-2015-3143
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a través de una solicitud no autenticada, un problema similar a CVE-2014-0015. It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticated requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user. • http://advisories.mageia.org/MGASA-2015-0179.html http://curl.haxx.se/docs/adv_20150422A.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html http://lists.fedoraproject.org • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •