{"id": "CVE-2017-1000101", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-10-05T01:29:04.103", "references": [{"url": "http://www.debian.org/security/2017/dsa-3992", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/100249", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1039117", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:3558", "source": "cve@mitre.org"}, {"url": "https://curl.haxx.se/docs/adv_20170809A.html", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/201709-14", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/HT208221", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2017/dsa-3992", "source": 
"af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/100249", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1039117", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2018:3558", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://curl.haxx.se/docs/adv_20170809A.html", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201709-14", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/HT208221", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`."}, {"lang": "es", "value": "curl es compatible con el \"globbing\" de URL, donde un usuario puede pasar un rango num\u00e9rico para hacer que la herramienta itere sobre esos n\u00fameros para realizar una secuencia de transferencias. 
En la funci\u00f3n de \"globbing\" que analiza sint\u00e1cticamente el rango num\u00e9rico, hay una omisi\u00f3n que hace que curl lea un byte m\u00e1s all\u00e1 del fin de la URL si se proporciona una URL manipulada o simplemente mal escrita. La URL se almacena en un b\u00fafer basado en memoria din\u00e1mica (heap) para que se pueda hacer luego de tal manera que lea err\u00f3neamente otra cosa en vez de cerrarse inesperadamente. A continuaci\u00f3n se muestra un ejemplo de una URL que desencadena este fallo: \"http://ur%20[0-60000000000000000000\"."}], "lastModified": "2024-11-21T03:04:09.803", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC7E5201-24A0-4CEF-84D2-76DB195D3A8E"}, {"criteria": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D558CC2-0146-4887-834E-19FCB1D512A3"}, {"criteria": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6931764D-16AB-4546-9CE3-5B4E03BC984A"}, {"criteria": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9"}, {"criteria": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9"}, {"criteria": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B"}, {"criteria": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81"}, {"criteria": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DEBBFCA-6A18-4F8F-B841-50255C952FA0"}, {"criteria": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEEAE437-A645-468B-B283-44799658F534"}, {"criteria": "cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": 
"03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24"}, {"criteria": "cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79F7AE71-7A18-4737-9C02-0A3343B3AD4C"}, {"criteria": "cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC589DE6-773A-43E8-9393-3083DB545671"}, {"criteria": "cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24D735EA-04E3-47E7-A859-3CC1ED887E10"}, {"criteria": "cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "063C1A70-0869-4933-88D7-ECE7ACCF0F99"}, {"criteria": "cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70B0A020-3DA1-4753-B810-C60E7CA06839"}, {"criteria": "cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63A18050-0DA7-400A-B564-AC9A020D57CD"}, {"criteria": "cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D168A62-A5B0-4BA8-8243-1AAF3B395567"}, {"criteria": "cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11D8B02D-5A97-4F9A-8EE8-D60D621E0B0D"}, {"criteria": "cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7DC2429-0B58-4D68-9337-0077C4493714"}, {"criteria": "cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4D5B7BD-2B9D-40AB-B13A-393FF0007A8A"}, {"criteria": "cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2AFED4D-0672-467F-999C-9D6C3722B8C9"}, {"criteria": "cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BDCCD2D-3D98-4FC3-BAB5-3D09A0CAD12C"}, {"criteria": "cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DA228CD-70CF-41FC-98F6-38194466CC32"}, {"criteria": "cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFDE2415-78F8-4A36-AA9B-6EA8DCE399AD"}, {"criteria": 
"cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA05266-35B6-422D-AE73-4C934B4F5091"}, {"criteria": "cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2AB70F1-D6A9-4ADF-A506-4C9DEE8AE754"}, {"criteria": "cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C2FDF0C-6493-4BE1-851E-0D8CE94E36B2"}, {"criteria": "cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EA9D7F9-A972-41A8-9561-DB72E37184F8"}, {"criteria": "cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "641ACFC8-BDE2-42AC-8B3D-EF78695AD750"}, {"criteria": "cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8629C630-14E0-4C94-BBD1-B5203488A6FB"}, {"criteria": "cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31C6D873-9770-4FD0-AC75-4D6C06FC4A8B"}, {"criteria": "cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CADB89B4-7218-4E2B-BB94-8CCEB79FB3F0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}