SB2018031503 - Multiple vulnerabilities in cURL
Published: March 15, 2018
Security Bulletin ID
SB2018031503
Severity
High
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Null pointer dereference (CVE-ID: CVE-2018-1000121)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to NULL pointer dereference in ldap_get_attribute_ber(). A remote attacker can return a specially crafted redirect to an LDAP URL, trigger NULL pointer dereference and cause the service to crash.//
2) Heap-based buffer overflow (CVE-ID: CVE-2018-1000120)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow. A remote attacker that can control the paths that curl uses for FTP can create specially crafted path names containing the control characters '%00', trigger memory corruption and execute arbitrary code.
3) Buffer over-read (CVE-ID: CVE-2018-1000122)
The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition.The weakness exists due to buffer over-read. A remote attacker can cause the target application to trigger a buffer copy error in processing RTSP URLs and cause the application to crash or access potentially sensitive information on the target system.
Remediation
Install update from vendor's website.