Security Flaw Found in cURL Library

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Volema security researchers recently uncovered a remotely exploitable buffer overflow vulnerability in libcurl, the cURL library.

"CURL is a cross-platform command line tool and library for transferring data using URL (uniform resource locator) syntax," writes Computerworld's Lucian Constantin. "It supports a wide range of protocols including HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, DICT, FILE, FTP, FTPS, Gopher, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, Telnet and TFTP."

"The vulnerability is caused due to a boundary error within the 'Curl_sasl_create_digest_md5_message()' function (lib/curl_sasl.c) when negotiating SASL DIGEST-MD5 authentication and can be exploited to cause a stack-based buffer overflow," according to a Secunia security advisory. "Successful exploitation may allow execution of arbitrary code but requires tricking a user into connecting to a malicious server."

"The hole is controversial not because of the command line tools but because of the many programs and scripts that make use of the libcURL library," The H Security reports. "The problem affects versions of libcURL from version 7.26.0 to the current 7.28.1; earlier versions are unaffected."

The flaw was patched last Wednesday with the release of libcurl 7.29.