[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] SCOSA-2006.16 UnixWare 7.1.4 : libcurl URL Parsing Vulnerability
- To: security-announce@xxxxxxxxxxxx
- Subject: [Full-disclosure] SCOSA-2006.16 UnixWare 7.1.4 : libcurl URL Parsing Vulnerability
- From: SCO Security Advisories <security@xxxxxxx>
- Date: Wed, 29 Mar 2006 08:35:54 -0800
--
Dr. Ronald Joe Record
Chief Security Officer
SCO
rr@xxxxxxx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: UnixWare 7.1.4 : libcurl URL Parsing Vulnerability
Advisory number: SCOSA-2006.16
Issue date: 2006 March 28
Cross reference: fz533390
CVE-2005-4077
______________________________________________________________________________
1. Problem Description
This vulnerability is caused due to an off-by-one error
when parsing a URL that is longer than 256 bytes. By using
a specially crafted URL, a two-byte overflow is reportedly
possible. This may be exploited to corrupt memory allocation
structures. The vulnerability is reportedly exploitable
only via a direct request to cURL and not via a redirect.
The vulnerability has been reported in version 7.15.0 and
prior.
The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-4077 to
this issue.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
UnixWare 7.1.4 The curl package
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.4
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.16
4.2 Verification
MD5 (curl-7.15.1.pkg) = 62f7076f2d1096e131dd0e9780ee15fd
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download curl-7.15.1.pkg to the /var/spool/pkg directory
# pkgadd -d /var/spool/pkg/curl-7.15.1.pkg
5. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077
http://www.hardened-php.net/advisory_242005.109.html
http://secunia.com/advisories/17907/
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents fz533390.
6. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
7. Acknowledgments
Provided and/or discovered by: Stefan Esser, Hardened PHP Project.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (SCO_SV)
iD8DBQFEKdepaqoBO7ipriERAlsyAJ9sVkFxf4AbhIQ/vLh9NkoZbfNkbgCgqR5j
daTMqYraFNp/w0886giZpFc=
=pBhs
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/