icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Curl < 7.19.6 Certificate Validation Bypass Vulnerability

High

Synopsis

The remote host may be affected by a security bypass vulnerability.

Description

The remote host is running Curl, a download client for various protocols. This version of Curl reportedly fails to properly validate the domain name in a signed CA certificate because the application stops reading the domain name when it encounters a NULL character. An attacker can exploit this by obtaining a legitimate certificate for a subdomain that contains a NULL character. This issue only affects Curl when it is compiled against OpenSSL.

Solution

Upgrade to Curl version 7.19.6