CVE-2018-1000301 – curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service
https://notcve.org/view.php?id=CVE-2018-1000301
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0. curl en su versión 7.20.0 hasta la 7.59.0 contiene una vulnerabilidad CWE-126: sobrelectura de búfer y denegación de servicio (DoS) que puede resultar en que se puede engañar a curl para que lea datos más allá del final de un búfer de memoria dinámica (heap) que se usa para almacenar contenido RTSP descargado. La vulnerabilidad parece haber sido solucionada en las versiones anteriores a la 7.20.0 y en la 7.60.0 y posteriores. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/104225 http://www.securitytracker.com/id/1040931 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3157 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2020:0544 https://access.redhat.com/errata/RHSA-2020:0594 https://curl • CWE-125: Out-of-bounds Read •
CVE-2018-1000300
https://notcve.org/view.php?id=CVE-2018-1000300
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. curl en su versión 7.54.1 hasta la 7.59.0 contiene una vulnerabilidad CWE-122: desbordamiento de búfer basado en memoria dinámica (heap) y una denegación de servicio (DoS) que puede resultar en que se podría desbordar un búfer de memoria dinámica al cerrar una conexión FTP con respuestas de comandos del servidor muy largas. La vulnerabilidad parece haber sido solucionada en las versiones anteriores a la 7.54.1 y en la 7.60.0 y posteriores. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/104207 http://www.securitytracker.com/id/1040933 https://curl.haxx.se/docs/adv_2018-82c2.html https://security.gentoo.org/glsa/201806-05 https://usn.ubuntu.com/3648-1 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html • CWE-787: Out-of-bounds Write •
CVE-2018-1000120 – curl: FTP path trickery leads to NIL byte out of bounds write
https://notcve.org/view.php?id=CVE-2018-1000120
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. Existe un desbordamiento de búfer en curl, de la versión 7.12.3 a la 7.58.0, en la gestión de URL FTP que permite que un atacante provoque una denegación de servicio (DoS) o algo peor. It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash or an unspecified behavior. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/103414 http://www.securitytracker.com/id/1040531 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3157 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2019:1543 https://access.redhat.com/errata/RHSA-2020:0544 https://access • CWE-787: Out-of-bounds Write •
CVE-2018-1000121 – curl: LDAP NULL pointer dereference
https://notcve.org/view.php?id=CVE-2018-1000121
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service Existe una desreferencia de puntero NULL en curl, de la versión 7.21.0 a la 7.58.0, en el código LDAP que permite que un atacante provoque una denegación de servicio (DoS). A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/103415 http://www.securitytracker.com/id/1040529 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3157 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2020:0544 https://access.redhat.com/errata/RHSA-2020:0594 https://curl • CWE-476: NULL Pointer Dereference •
CVE-2018-1000122 – curl: RTSP RTP buffer over-read
https://notcve.org/view.php?id=CVE-2018-1000122
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage Existe una sobrelectura de búfer en curl, de la versión 7.20.0 a la 7.58.0, en el código de gestión RTSP+RTP que permite que un atacante provoque una denegación de servicio (DoS) o una fuga de información. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/103436 http://www.securitytracker.com/id/1040530 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3157 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2019:1543 https://access.redhat.com/errata/RHSA-2020:0544 https://access • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •