Main Vulnerability Database SB2019020808

SB2019020808 - Amazon Linux AMI update for curl

Published: February 8, 2019 Updated: February 11, 2019

Security Bulletin ID SB2019020808

Severity

High

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2018-20483)

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to set_file_metadata in xattr.c stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file. A local attacker can read this attribute, as demonstrated by getfattr and obtain credentials contained in the URL.

2) Heap-based buffer overflow (CVE-ID: CVE-2018-0500)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in curl_smtp_escape_eob in lib/smtp.c due to heap-based buffer overflow when a system invokes curl to send data via SMTP and uses a reduced read buffer. A remote unauthenticated attacker can trigger memory corruption and cause the service to crash or execute arbitrary data with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

https://alas.aws.amazon.com/ALAS-2019-1151.html