Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] [USN-86-1] cURL vulnerability

from [Martin Pitt] Network Security [Permanent Link]
Subject: [Full-Disclosure] [USN-86-1] cURL vulnerability
Date: Mon, 28 Feb 2005 12:26:15 +0100 
===========================================================
Ubuntu Security Notice USN-86-1           February 28, 2005
curl vulnerability
CAN-2005-0940
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libcurl2
libcurl2-gssapi

The problem can be corrected by upgrading the affected package to
version 7.12.0.is.7.11.2-1ubuntu0.1.  In general, a standard system
upgrade is sufficient to effect the necessary changes.

Details follow:

infamous41md discovered a buffer overflow in cURL's NT LAN Manager
(NTLM) authentication handling. By sending a specially crafted long
NTLM reply packet, a remote attacker could overflow the reply buffer.
This could lead to execution of arbitrary attacker specified code with
the privileges of the application using the cURL library.

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1.diff.gz
      Size/MD5:   160391 4f1c042b0f375a8d06e0403e5baa3b7e
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1.dsc
      Size/MD5:      707 5ec7fa4228218f3186ad7f41ef1b56eb
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2.orig.tar.gz
      Size/MD5:  1435629 25e6617ea7dec34d072426942b77801f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb
      Size/MD5:   108602 17f9e77e1a091f5e22024396ab19be5f
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dbg_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb
      Size/MD5:  1043660 1163357a2e57d670326df84ccbe01108
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dev_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb
      Size/MD5:   568022 b91d5f9a6b39b84962840f8f0a552f91
    
http://security.ubuntu.com/ubuntu/pool/universe/c/curl/libcurl2-gssapi_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb
      Size/MD5:   111892 283edaf68d6a725710ed966a09729fb1
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb
      Size/MD5:   224598 d5549b89c19484e8b4488a46e4b5b727

  i386 architecture (x86 compatible Intel/AMD)

    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb
      Size/MD5:   107762 dbb0f3404f4955d89e39134c309ba68d
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dbg_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb
      Size/MD5:  1028978 6fb4edd748b6b2e92db5cc935fb063cb
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dev_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb
      Size/MD5:   556594 31b0848d7a44250a2f3536ead3462a0f
    
http://security.ubuntu.com/ubuntu/pool/universe/c/curl/libcurl2-gssapi_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb
      Size/MD5:   109912 0b5b91da5ca5fc37b1d1e5f04c51962e
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb
      Size/MD5:   222848 77aa777db65b32788cea78fdd1d9ef4d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   110090 ae4f871f3f6126b1ecf787affe26640c
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dbg_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb
      Size/MD5:  1052794 4bf356eeaaf1f6af0723cc0c63a4ed57
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dev_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   573412 501500cf49764c55476e339e9347cd9a
    
http://security.ubuntu.com/ubuntu/pool/universe/c/curl/libcurl2-gssapi_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   116296 9f6d567b715c1ee08afecc02c8909783
    
http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   229450 1c45a89cb1c4852d1260aa21bcc1f6c0

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-Disclosure] [USN-86-1] cURL vulnerability, Martin Pitt <=
Previous by Date:  [Full-Disclosure] [HAT-SQUAD] BadBlue, Easy P2P File Sharing Remote Exploit (update), class 101
Next by Date:  [Full-Disclosure] [USN-87-1] Cyrus IMAP server vulnerability, Martin Pitt
Previous by Thread:  [Full-Disclosure] [HAT-SQUAD] BadBlue, Easy P2P File Sharing Remote Exploit (update), class 101
Next by Thread:  [Full-Disclosure] [USN-87-1] Cyrus IMAP server vulnerability, Martin Pitt
Indexes:  [Date] [Thread] [Top] [All Lists]