CLD-162 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) | curl |
Deficiency Type | SECURITY |
Date Created | 2017-11-29 09:05:48 |
Date Last Modified | 2017-11-29 15:02:37 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in curl-7.57.0-i686-1 |
Cucumber 1.0 x86_64 | fixed in curl-7.57.0-x86_64-1 and curl-lib_i686-7.57.0-lib_i686-1 |
Cucumber 1.1 i686 | fixed in curl-7.57.0-i686-1 |
Cucumber 1.1 x86_64 | fixed in curl-7.57.0-x86_64-1 and curl-lib_i686-7.57.0-lib_i686-1 |
Details:
================================ Initial Report ================================
From Curl Security (https://curl.haxx.se/docs/adv_2017-ae72.html)
libcurl contains a read out of bounds flaw in the FTP wildcard function.
libcurl's FTP wildcard matching feature, which is enabled with the
CURLOPT_WILDCARDMATCH option can use a built-in wildcard function or a user
provided one. The built-in wildcard function has a flaw that makes it not detect
the end of the pattern string if it ends with an open bracket ([) but instead it
will continue reading the heap beyond the end of the URL buffer that holds the
wildcard.
For applications that use HTTP(S) URLs, allow libcurl to handle redirects and
have FTP wildcards enabled, this flaw can be triggered by malicious servers that
can redirect clients to a URL using such a wildcard pattern.
We are not aware of any exploit of this flaw.
This bug was introduced in commit 0825cd80a62c, May 2010.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name
CVE-2017-8817 to this issue.
================================= Our Analysis =================================
----- Affected Products -----
Curl versions from 7.21.0 up to, but not including, 7.57.0 that have not had
this patch (https://curl.haxx.se/CVE-2017-8817.patch) applied are vulnerable.
----- Scope and Impact of this Vulnerability -----
This is a buffer overflow in the HTTPS URL handling portion of libcurl that can
be used to redirect clients to a different URL using a specially crafted
wildcard pattern.
As of Wed Nov 29 09:44:59 EST 2017, there have been no reports of any exploit of
this flaw.
----- Fix for this Vulnerability -----
This vulnerability can be fixed by upgrading to curl 7.57.0 or applying the
patch at https://curl.haxx.se/CVE-2017-8817.patch.
================================= Our Solution =================================
We have upgraded to curl 7.57.0 to fix this vulnerability.
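
The flaw described in the initial report (a pattern ending in an open bracket makes the scanner miss the end of the string), shown in simplified form as an added example; this is not libcurl's code or the upstream patch. The simplified pattern syntax, the function names and the constructed buffer demo_buf are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed buffer: the pattern "file[" ends at the first NUL; the bytes
   after it stand in for unrelated heap data that happens to contain ']'. */
static const char demo_buf[] = "file[\0NEIGHBOUR]";

/* Flawed logic: after '[' it searches for ']' without testing for the NUL.
   `cap` bounds the walk to the backing array so the demo itself is safe.
   Returns how far past the terminator the scan ran (0 = it stayed inside). */
size_t naive_set_overread(const char *buf, size_t cap, size_t open)
{
    size_t nul = strlen(buf);
    size_t i = open + 1;
    while (i < cap && buf[i] != ']')
        i++;
    return i > nul ? i - nul : 0;
}

/* Bounded scan: 0 and *close set if ']' occurs before `len`, else -1. */
int bounded_set_end(const char *pat, size_t len, size_t open, size_t *close)
{
    for (size_t i = open + 1; i < len; i++)
        if (pat[i] == ']') { *close = i; return 0; }
    return -1;
}

/* Pre-validation for a simplified syntax (assumption): '\\' escapes the next
   byte, '[' opens a set that the next ']' closes. Returns 1 if well formed. */
int wildcard_pattern_ok(const char *pat)
{
    size_t len = strlen(pat), close;
    for (size_t i = 0; i < len; i++) {
        if (pat[i] == '\\')
            i++;                        /* skip the escaped byte */
        else if (pat[i] == '[') {
            if (bounded_set_end(pat, len, i, &close) != 0)
                return 0;               /* unterminated set: reject */
            i = close;
        }
    }
    return 1;
}

int main(void)
{
    printf("naive scan ran %zu bytes past the end; bounded check says ok=%d\n",
           naive_set_overread(demo_buf, sizeof demo_buf, 4),
           wildcard_pattern_ok("file["));
    return 0;
}
```

The naive scan stops only at the ']' in the neighbouring bytes, while the bounded check rejects the same pattern before any matching is attempted.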