SecurityTracker.com



Category:   Application (Generic)  >   curl Vendors:   curl.haxx.se
cURL HTTP Redirect Processing May Let Remote Users Obtain Potentially Sensitive Information from Custom Authentication Headers
SecurityTracker Alert ID:  1040274
SecurityTracker URL:  https://securitytracker.com/id/1040274
CVE Reference:   CVE-2018-1000007   (Links to External Site)
Date:  Jan 25 2018
Impact:   Disclosure of authentication information, Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.1 - 7.57.0
Description:   A vulnerability was reported in cURL and libcurl. A remote user who can redirect the target client (for example by controlling a server it talks to, or a response it receives) may obtain authentication credentials that the client sends in a custom request header.

When an application sets custom request headers (curl -H / CURLOPT_HTTPHEADER) and has redirect following enabled (-L / CURLOPT_FOLLOWLOCATION), an HTTP 30x response causes libcurl to replay all of those custom headers, including a custom 'Authorization:' header, in the follow-up request to the URL named in the 'Location:' response header. Nothing checked whether that URL pointed at a different host, so a redirect to a third-party server delivered the application's bearer token, API key or other credential to that server. Credentials supplied through curl's built-in authentication options (-u / CURLOPT_USERPWD) were already withheld on cross-host redirects; only custom headers were affected. A same-host redirect is not a leak, since the original server receives the header anyway.

The vendor was notified on January 18, 2018.

Craig de Stigter reported this vulnerability.

Impact:   A remote user may be able to obtain potentially sensitive authentication information from applications that use custom 'Authorization:' headers.
Solution:   The vendor has issued a fix in curl 7.58.0. From that version, libcurl drops a custom 'Authorization:' header when a redirect leads to a different host name; the header is still sent on same-host redirects, and the previous behaviour can be re-enabled deliberately with CURLOPT_UNRESTRICTED_AUTH ('--location-trusted' on the command line). Check the version actually linked into an application with 'curl --version' or curl_version(); anything from 7.1 through 7.57.0 is affected. Applications that cannot upgrade should not combine a custom 'Authorization:' header with automatic redirect following; instead, disable CURLOPT_FOLLOWLOCATION, read the 30x response themselves and decide per target host whether the credential may be resent.

The vendor advisory is available at:

https://curl.haxx.se/docs/adv_2018-b3bf.html
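The following is an added example, not code from the advisory or from the curl project. It models in Python the redirect decision described above: with unrestricted_auth=True it reproduces the pre-7.58.0 behaviour (every custom header, 'Authorization:' included, follows a redirect to any host), and with the default it reproduces the 7.58.0 fix, which compares the host name of the redirect target with the original host and drops the custom 'Authorization:' header when they differ. The URLs, the redirect chain and the token value are constructed for illustration; the function names are the example's own and do not correspond to libcurl APIs.

```python
"""Model of how libcurl treats a custom Authorization header across redirects.

Constructed example: the redirect chain, host names and token below are
invented for illustration and are not taken from the advisory.
"""
from urllib.parse import urljoin, urlsplit

AUTHORIZATION = "authorization"


def host_of(url):
    """Lower-cased host name of a URL (empty string if the URL has none)."""
    return (urlsplit(url).hostname or "").lower()


def headers_for_redirect(original_url, location, headers, unrestricted_auth=False):
    """Resolve a Location value against the original URL and decide which
    request headers go to the redirect target. Returns (target_url, headers).

    unrestricted_auth=False models libcurl 7.58.0 and later: a custom
    Authorization header is dropped when the target host name differs.
    unrestricted_auth=True models libcurl before 7.58.0, and
    CURLOPT_UNRESTRICTED_AUTH / --location-trusted on fixed versions:
    every custom header follows the redirect unchanged.
    """
    target = urljoin(original_url, location)          # handles relative Location values
    same_host = host_of(target) == host_of(original_url)
    if unrestricted_auth or same_host:
        return target, dict(headers)
    return target, {k: v for k, v in headers.items() if k.lower() != AUTHORIZATION}


def follow_chain(start_url, headers, responses, unrestricted_auth=False, max_redirs=10):
    """Walk a scripted redirect chain and record, per request, the URL and the
    headers that would be sent. `responses` maps a request URL to its Location
    header, or to None for a final non-redirect response."""
    sent = []
    url, hdrs = start_url, dict(headers)
    for _ in range(max_redirs + 1):
        sent.append((url, hdrs))
        location = responses.get(url)
        if location is None:
            return sent
        url, hdrs = headers_for_redirect(url, location, hdrs, unrestricted_auth)
    raise RuntimeError("too many redirects")


def hosts_that_saw_auth(sent):
    """Host names that received an Authorization header, in order, deduplicated."""
    seen = []
    for url, hdrs in sent:
        host = host_of(url)
        if any(k.lower() == AUTHORIZATION for k in hdrs) and host not in seen:
            seen.append(host)
    return seen


# Constructed chain: the API host redirects once within itself, then to a
# third-party host. A 30x with a Location is modelled by the Location string;
# None stands for the final 200.
SCRIPTED_RESPONSES = {
    "https://api.example.test/v1/report": "/v1/report/latest",
    "https://api.example.test/v1/report/latest": "https://cdn.other.test/r/1",
    "https://cdn.other.test/r/1": None,
}

# Headers an application would set with curl -H / CURLOPT_HTTPHEADER (constructed).
REQUEST_HEADERS = {
    "Authorization": "Bearer constructed-token-value",
    "User-Agent": "example-client/1.0",
}


if __name__ == "__main__":
    for label, legacy in (("libcurl < 7.58.0", True), ("libcurl >= 7.58.0", False)):
        trace = follow_chain("https://api.example.test/v1/report", REQUEST_HEADERS,
                             SCRIPTED_RESPONSES, unrestricted_auth=legacy)
        print(label, "-> Authorization header received by:", hosts_that_saw_auth(trace))
```

Running the script shows the third-party host in the legacy list and absent from the fixed one, while the same-host hop keeps the header in both cases. Note that the model compares host names only, as the 7.58.0 fix did; it does not consider scheme or port.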

Vendor URL:  curl.haxx.se/docs/adv_2018-b3bf.html (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 19 2018 (Juniper Issues Fix for Juniper Junos) cURL HTTP Redirect Processing May Let Remote Users Obtain Potentially Sensitive Information from Custom Authentication Headers
Juniper has issued a fix for Juniper Junos.
Oct 30 2018 (Red Hat Issues Fix) cURL HTTP Redirect Processing May Let Remote Users Obtain Potentially Sensitive Information from Custom Authentication Headers
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Nov 12 2018 (Oracle Issues Fix for Oracle Linux) cURL HTTP Redirect Processing May Let Remote Users Obtain Potentially Sensitive Information from Custom Authentication Headers
Oracle has issued a fix for Oracle Linux 7.



 Source Message Contents

Subject:  [oss-security] [SECURITY ADVISORY] curl: HTTP authentication leak in redirects









Content previously copyright SecurityGlobal.net LLC placed in the public domain on December 31, 2019.