SB2016110316 - URL redirection in curl (Alpine package)
Published: November 3, 2016
Security Bulletin ID
SB2016110316
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) URL redirection (CVE-ID: CVE-2016-8624)
The vulnerability allows a remote attacker to perform phishing attacks.
The vulnerability is caused by an error when parsing URL. A remote attacker can supply a link with ending "#" character in hostname and cause libcurl client to redirect to a host, specified after the "#" character.
Exploit example:
http://example.com#@evilsite.com/1.txt
The above URL will force libcurl client to connect to evilsite.com hostname instead of example.com.
The vulnerability allows an attacker to perform phishing attacks by tricking victims to connect to untrusted host.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=e57c1f8b95e9a6aecc75e9eaae6c7bf9e259adb6
- https://git.alpinelinux.org/aports/commit/?id=7079fe21530ae1c8147925d8b591131b786ab2e9
- https://git.alpinelinux.org/aports/commit/?id=619d9f8608068fab555a9a54e6154eb798eb5c2c
- https://git.alpinelinux.org/aports/commit/?id=39696e7a1a7079578ea07cb9514fd0c50105340e
- https://git.alpinelinux.org/aports/commit/?id=ba3dc3d210189d8b88c35c3b6850f54f8041f3fa
- https://git.alpinelinux.org/aports/commit/?id=4cbdd0cf8c1d0c855e0d3cfb56ef02aa19716a01
- https://git.alpinelinux.org/aports/commit/?id=41621bfa2c8cbc7303191ddefd9ccaa650d8b359
- https://git.alpinelinux.org/aports/commit/?id=ffe6b82496f728d1d75dae4030047c6ff48a9c5a