cURL/libcurl 7.x < 7.50.1 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 9764
SynopsisThe host is running a version of cURL/libcurl that is vulnerable to multiple attack vectors.
DescriptionVersions of cURL and libcurl prior to 7.50.1 are affected by multiple vulnerabilities :
- A flaw exists in 'lib/vtls/vtls.c' due to the program attempting to resume TLS sessions even if the client certificate fails. This may allow a context-dependent attacker to bypass validation mechanisms. (CVE-2016-5419)
- A use-after-free error exists in the 'close_all_connections()' function in 'lib/multi.c'. The issue is triggered as connection pointers are not properly cleared for easy handles. This may allow a context-dependent attacker to dereference already freed memory and have an unspecified impact that may potentially include code execution. (CVE-2016-5421)
SolutionUpgrade to cURL/libcurl 7.50.1 or later.