what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2023-38545

Status Candidate

Overview

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with.

Related Files

Red Hat Security Advisory 2024-2011-03
Posted Apr 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2011-03 - Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-38545
SHA-256 | 2119d78f1779fb5b9df8e781bf9b4da66e88cda956d9bdc4f6e4838153ac9474
Apple Security Advisory 01-22-2024-7
Posted Jan 29, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 01-22-2024-7 - macOS Monterey 12.7.3 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222
SHA-256 | f47b5cc3fc3e2932c779a5e08268ff04f0c8b72f286e970997597391f2eb5f5b
Apple Security Advisory 01-22-2024-6
Posted Jan 29, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 01-22-2024-6 - macOS Ventura 13.6.4 addresses bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-40528, CVE-2023-42887, CVE-2023-42888, CVE-2023-42915, CVE-2023-42935, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222, CVE-2024-23224
SHA-256 | 47401dee058f86008aabd7e82b8eacb1135f296db5a860fbaf2791d6ee670c04
Apple Security Advisory 01-22-2024-3
Posted Jan 26, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 01-22-2024-3 - iOS 16.7.5 and iPadOS 16.7.5 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23206, CVE-2024-23211, CVE-2024-23212, CVE-2024-23213, CVE-2024-23214, CVE-2024-23222
SHA-256 | f808342c47a19d49aca6649451e4d052f6ea01681c6945bc9ba9ef843c24277b
Red Hat Security Advisory 2023-6745-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6745-01 - An update for curl is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-38545
SHA-256 | ced80e77d881083e9cf75d53da087ceeda141bcfde2804ec2c4ef3799f33681b
Ubuntu Security Notice USN-6429-3
Posted Oct 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6429-3 - USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.

tags | advisory, remote, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-38545, CVE-2023-38546
SHA-256 | d1725e2867219ce04c36896ee359cb48113c317935ea121e2af01b7b802e2783
Red Hat Security Advisory 2023-5763-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5763-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2023-38545
SHA-256 | 510c6724745c0651fdfcdb28c913292f03ad32f78e765fb9849dd2ced54a1233
Red Hat Security Advisory 2023-5700-01
Posted Oct 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5700-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2023-38545
SHA-256 | 43a3801f3c1efdcc6ec83fd26a2db345717038d202709cc98bd394c86f9fc238
Debian Security Advisory 5523-1
Posted Oct 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5523-1 - Two security issues were found in Curl, an easy-to-use client-side URL transfer library and command line tool.

tags | advisory
systems | linux, debian
advisories | CVE-2023-38545, CVE-2023-38546
SHA-256 | 6f8cac21edc730d0834c13186c9df39c586cd8ff7546f9e0e8f727ca7b9552ec
Ubuntu Security Notice USN-6429-1
Posted Oct 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6429-1 - Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-38545, CVE-2023-38546
SHA-256 | cdf87ef50399c95276fdc38c6e1cbde856743680fa9b47c87c04c69d255f590a
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close