Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2015-3144

Published: 24/04/2015 Updated: 17/10/2018
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Mysql Enterprise Monitor

Vulnerability Summary

The fix_hostname function in cURL and libcurl 7.37.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by ":80" and ":80."

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql enterprise monitor

haxx curl 7.39.0

haxx curl 7.40.0

haxx curl 7.37.0

haxx curl 7.41.0

haxx curl 7.37.1

haxx curl 7.38.0

haxx libcurl 7.40.0

haxx libcurl 7.41.0

haxx libcurl 7.37.0

haxx libcurl 7.37.1

haxx libcurl 7.38.0

haxx libcurl 7.39

canonical ubuntu linux 14.10

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 15.04

debian debian linux 7.0

Vendor Advisories

Ubuntu Security Notice: curl vulnerabilities
Several security issues were fixed in curl ...
Debian Security Advisories: DSA-3232-1 curl -- security update
Several vulnerabilities were discovered in cURL, an URL transfer library: CVE-2015-3143 NTLM-authenticated connections could be wrongly reused for requests without any credentials set, leading to HTTP requests being sent over the connection authenticated as a different user This is similar to the issue fixed in DSA-2849-1 CVE-201 ...
Amazon Linux AMI: ALAS-2015-514
It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticed requests to the same server, the unauthenticated requests could be sent over the N ...
Red Hat: CVE-2015-3144
It was discovered that libcurl did not properly process zero-length host names If an attacker could trick an application using libcurl into processing zero-length host names, this could lead to an out-of-bounds read, and possibly cause that application to crash ...

References

CWE-119http://curl.haxx.se/docs/adv_20150422D.htmlhttp://www.debian.org/security/2015/dsa-3232http://www.ubuntu.com/usn/USN-2591-1http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.htmlhttp://www.securitytracker.com/id/1032232http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.htmlhttp://lists.opensuse.org/opensuse-updates/2015-04/msg00057.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttps://support.apple.com/kb/HT205031http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.htmlhttp://www.securityfocus.com/bid/74300http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743https://security.gentoo.org/glsa/201509-02http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlhttps://usn.ubuntu.com/2591-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-3144
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook