CVE-2018-1000120HIGH
Description
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
References
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103414
http://www.securitytracker.com/id/1040531
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/errata/RHSA-2018:3157
https://access.redhat.com/errata/RHSA-2018:3558
https://access.redhat.com/errata/RHSA-2019:1543
https://curl.haxx.se/docs/adv_2018-9cd6.html
https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html
https://usn.ubuntu.com/3598-1/
https://usn.ubuntu.com/3598-2/
https://www.debian.org/security/2018/dsa-4136
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Details
Source: MITRE
Published: 2018-03-14
Updated: 2019-06-18
Type: CWE-787
Risk Information
CVSS v2.0
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
CVSS v3.0
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Configuration 3
OR
cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* versions from 7.12.3 to 7.58.0 (inclusive)
Configuration 4
OR
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Configuration 5
OR
cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 134066 | RHEL 7 : curl (RHSA-2020:0594) | Nessus | Red Hat Local Security Checks | high |
| 133787 | RHEL 7 : curl (RHSA-2020:0544) | Nessus | Red Hat Local Security Checks | high |
| 131184 | Oracle Enterprise Manager Ops Center (Jan 2019 CPU) | Nessus | Misc. | high |
| 127212 | NewStart CGSL CORE 5.04 / MAIN 5.04 : curl Multiple Vulnerabilities (NS-SA-2019-0039) | Nessus | NewStart CGSL Local Security Checks | high |
| 125002 | EulerOS Virtualization 3.0.1.0 : curl (EulerOS-SA-2019-1549) | Nessus | Huawei Local Security Checks | high |
| 124993 | EulerOS Virtualization for ARM 64 3.0.1.0 : curl (EulerOS-SA-2019-1540) | Nessus | Huawei Local Security Checks | critical |
| 124090 | Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU) | Nessus | Web Servers | high |
| 121819 | Photon OS 1.0: Curl PHSA-2018-1.0-0124 | Nessus | PhotonOS Local Security Checks | high |
| 121048 | Amazon Linux 2 : nss-pem (ALAS-2019-1139) | Nessus | Amazon Linux Local Security Checks | high |
| 120747 | Fedora 28 : curl (2018-bc65ab5014) | Nessus | Fedora Local Security Checks | high |
| 119180 | Scientific Linux Security Update : curl and nss-pem on SL7.x x86_64 (20181030) | Nessus | Scientific Linux Local Security Checks | high |
| 118996 | CentOS 7 : curl / nss-pem (CESA-2018:3157) | Nessus | CentOS Local Security Checks | high |
| 118775 | Oracle Linux 7 : curl / nss-pem (ELSA-2018-3157) | Nessus | Oracle Linux Local Security Checks | high |
| 118532 | RHEL 7 : curl and nss-pem (RHSA-2018:3157) | Nessus | Red Hat Local Security Checks | high |
| 118418 | EulerOS Virtualization 2.5.0 : curl (EulerOS-SA-2018-1330) | Nessus | Huawei Local Security Checks | high |
| 111928 | Photon OS 1.0: Curl PHSA-2018-1.0-0124 (deprecated) | Nessus | PhotonOS Local Security Checks | high |
| 111333 | Oracle Secure Global Desktop Multiple Vulnerabilities (July 2018 CPU) | Nessus | Misc. | high |
| 110867 | EulerOS 2.0 SP3 : curl (EulerOS-SA-2018-1203) | Nessus | Huawei Local Security Checks | high |
| 109890 | SUSE SLES11 Security Update : curl (SUSE-SU-2018:1323-1) | Nessus | SuSE Local Security Checks | high |
| 109508 | EulerOS 2.0 SP2 : curl (EulerOS-SA-2018-1110) | Nessus | Huawei Local Security Checks | high |
| 109507 | EulerOS 2.0 SP1 : curl (EulerOS-SA-2018-1109) | Nessus | Huawei Local Security Checks | high |
| 109184 | Amazon Linux AMI : curl (ALAS-2018-995) | Nessus | Amazon Linux Local Security Checks | high |
| 109178 | Amazon Linux 2 : curl (ALAS-2018-995) | Nessus | Amazon Linux Local Security Checks | high |
| 108925 | GLSA-201804-04 : cURL: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 108629 | openSUSE Security Update : curl (openSUSE-2018-299) | Nessus | SuSE Local Security Checks | high |
| 108579 | SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:0769-1) | Nessus | SuSE Local Security Checks | high |
| 108502 | Fedora 27 : curl (2018-8877b4ccac) | Nessus | Fedora Local Security Checks | high |
| 108500 | Fedora 26 : curl (2018-66c96e0024) | Nessus | Fedora Local Security Checks | high |
| 108416 | Debian DLA-1309-1 : curl security update | Nessus | Debian Local Security Checks | high |
| 108403 | Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : curl vulnerabilities (USN-3598-1) | Nessus | Ubuntu Local Security Checks | high |
| 108382 | Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2018-074-01) | Nessus | Slackware Local Security Checks | high |
| 108345 | Debian DSA-4136-1 : curl - security update | Nessus | Debian Local Security Checks | high |