Amazon Linux AMI : curl (ALAS-2015-514)

High Nessus Plugin ID 83057

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticed requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user.
(CVE-2015-3143)

It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones. (CVE-2015-3148)

It was discovered that libcurl did not properly process cookies with a specially crafted 'path' element. If an application using libcurl connected to a malicious HTTP server sending specially crafted 'Set-Cookies' headers, this could lead to an out-of-bounds read, and possibly cause that application to crash. (CVE-2015-3145)

It was discovered that libcurl did not properly process zero-length host names. If an attacker could trick an application using libcurl into processing zero-length host names, this could lead to an out-of-bounds read, and possibly cause that application to crash.
(CVE-2015-3144)

Solution

Run 'yum update curl' to update your system.

See Also

https://alas.aws.amazon.com/ALAS-2015-514.html

Plugin Details

Severity: High

ID: 83057

File Name: ala_ALAS-2015-514.nasl

Version: 2.4

Type: local

Agent: unix

Published: 2015/04/27

Updated: 2018/04/18

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:curl, p-cpe:/a:amazon:linux:curl-debuginfo, p-cpe:/a:amazon:linux:libcurl, p-cpe:/a:amazon:linux:libcurl-devel, cpe:/o:amazon:linux

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 2015/04/22

Reference Information

CVE: CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148

ALAS: 2015-514