Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2013-0249

Published: 08/03/2013 Updated: 08/12/2016
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Haxx

Vulnerability Summary

Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 up to and including 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

haxx curl 7.26.0

haxx libcurl 7.26.0

haxx curl 7.28.1

haxx libcurl 7.28.1

haxx curl 7.27.0

haxx libcurl 7.27.0

haxx curl 7.28.0

haxx libcurl 7.28.0

canonical ubuntu linux 12.10

Vendor Advisories

Debian CVElist Bug Report Logs: curl: CVE-2013-0249
Debian Bug report logs - #700002 curl: CVE-2013-0249 Package: curl; Maintainer for curl is Alessandro Ghedini <ghedo@debianorg>; Source for curl is src:curl (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 7 Feb 2013 08:39:02 UTC Severity: grave Tags: patch, security Found in vers ...
Ubuntu Security Notice: curl vulnerability
curl could be made to crash or run programs if it opened a malicious URL ...

Exploits

Exploit DB: cURL - Buffer Overflow (PoC)
cURL buffer overflow Wed 06 February 2013 Volema found remotely exploitable buffer overflow vulnerability in libcurl POP3, SMTP protocol handlers which lead to code execution (RCE) When negotiating SASL DIGEST-MD5 authentication, the function Curl_sasl_create_digest_md5_message() uses the data provided from the server without doing the proper len ...
Exploit DB: cURL Buffer Overflow
A remotely exploitable buffer overflow vulnerability was discovered in the libcurl POP3 and SMTP protocol handlers Proper exploitation can allow for arbitrary code execution ...

References

CWE-119http://nakedsecurity.sophos.com/2013/02/10/anatomy-of-a-vulnerability-curl-web-download-toolkit-holed-by-authentication-bug/http://curl.haxx.se/docs/adv_20130206.htmlhttp://www.securitytracker.com/id/1028093http://packetstormsecurity.com/files/120170/Slackware-Security-Advisory-curl-Updates.htmlhttp://www.osvdb.org/89988http://www.exploit-db.com/exploits/24487http://www.ubuntu.com/usn/USN-1721-1http://packetstormsecurity.com/files/120147/cURL-Buffer-Overflow.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-February/099140.htmlhttp://blog.volema.com/curl-rce.htmlhttp://lists.apple.com/archives/security-announce/2013/Oct/msg00004.htmlhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.securityfocus.com/bid/57842https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700002https://usn.ubuntu.com/1721-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/24487/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook