In association with heise online

04 March 2009, 12:27

Security update for cURL


A security update for cURL, the file transfer utility, and its associated libcurl library has been released to fix a vulnerability which could allow an attacker to examine files on a system, or possibly even write files. The cause of the problem is the cURL (Client for URL) automatic redirection feature.

This allows a remote site to redirect http:// requests to file:// URLs, which cURL would then follow by reading a local file. A site running cURL-based applications could be tricked into downloading from what it believes is an http:// URL and find itself reading a local file instead, which may then be exposed in some other way by the site. According to the advisory the problem can also be exploited to overwrite local files. If SCP support is enabled in libcurl, there is also a possibility that a redirect to an scp:// URL containing embedded semicolons can be used to execute commands on a server.
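The defensive check the article implies, written out as an added example (not code from the H article or from the curl project): before a client follows a Location header, it resolves the target URL and refuses any scheme outside an http/https allowlist, and it caps the number of hops. In libcurl itself this policy is set with CURLOPT_REDIR_PROTOCOLS, which arrived with 7.19.4; the `fetch` callable, the `ROUTES` table and the example.test hostnames below are constructed stand-ins for real network traffic.

```python
"""Defensive redirect following: scheme allowlist and hop cap.

Added example, not from the H article or the curl project. It models the
check a client should make before following an HTTP Location header: the
resolved target must stay on an allowed scheme (http/https), so a server
cannot steer the client to file:// or scp:// URLs. The `fetch` callable and
the ROUTES table are constructed stand-ins for real network I/O.
"""
from urllib.parse import urljoin, urlsplit

ALLOWED_REDIRECT_SCHEMES = frozenset({"http", "https"})
MAX_REDIRECTS = 5


class UnsafeRedirect(Exception):
    """Raised when a redirect would leave the allowed scheme set."""


class TooManyRedirects(Exception):
    """Raised when the redirect chain exceeds the hop cap."""


def follow_redirects(fetch, url, allowed=ALLOWED_REDIRECT_SCHEMES,
                     max_hops=MAX_REDIRECTS):
    """Fetch `url`, following 3xx Location headers only while the target
    scheme is in `allowed`. Returns (final_url, status, body).

    `fetch(url)` must return (status, headers, body); `headers` is a dict
    with lowercase keys. libcurl enforces the same idea through
    CURLOPT_REDIR_PROTOCOLS; here the logic is spelled out so it can be
    read and tested in isolation.
    """
    # The starting URL itself must be on an allowed scheme, too.
    if urlsplit(url).scheme.lower() not in allowed:
        raise UnsafeRedirect(f"initial URL scheme not allowed: {url}")
    hops = 0
    while True:
        status, headers, body = fetch(url)
        if status not in (301, 302, 303, 307, 308):
            return url, status, body
        hops += 1
        if hops > max_hops:
            raise TooManyRedirects(f"more than {max_hops} redirects from {url}")
        location = headers.get("location")
        if location is None:
            # A 3xx without Location is returned as-is rather than followed.
            return url, status, body
        # Resolve relative Locations against the current URL, as libcurl
        # would, then check the scheme of the *resolved* target: a bare
        # "file:///etc/passwd" survives urljoin unchanged and is rejected.
        target = urljoin(url, location)
        if urlsplit(target).scheme.lower() not in allowed:
            raise UnsafeRedirect(f"refusing redirect from {url} to {target}")
        url = target


# Constructed routing table standing in for remote servers. Values are
# (status, headers, body) exactly as `fetch` would return them.
ROUTES = {
    "http://example.test/start": (302, {"location": "/final"}, b""),
    "http://example.test/final": (200, {}, b"hello"),
    "http://example.test/to-file": (302, {"location": "file:///etc/passwd"}, b""),
    "http://example.test/to-scp": (302, {"location": "scp://example.test/tmp/x"}, b""),
    "http://example.test/loop": (302, {"location": "/loop"}, b""),
}


def fake_fetch(url):
    """Look up a URL in ROUTES; unknown URLs answer 404 with an empty body."""
    return ROUTES.get(url, (404, {}, b""))


def demo():
    """Run the constructed cases and return each outcome keyed by case name."""
    results = {"ok": follow_redirects(fake_fetch, "http://example.test/start")}
    for name in ("to-file", "to-scp", "loop"):
        try:
            follow_redirects(fake_fetch, f"http://example.test/{name}")
            results[name] = "followed"
        except UnsafeRedirect:
            results[name] = "blocked"
        except TooManyRedirects:
            results[name] = "too many"
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The check is done on the resolved URL rather than on the raw Location value, because a relative Location must be joined with the current URL before its scheme is known; the same logic applies unchanged to any client library that lets the application inspect redirects before following them.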

Versions of cURL and libcurl from version 5.11 up to and including 7.19.3 are vulnerable; versions before 5.11 and after 7.19.3 are not vulnerable. Version 7.19.4 and patches for older versions are available from the developers.

(djwm)

Permalink: http://h-online.com/-740345