Medium: curl

2015-04-22T16:14:00
ID ALAS-2015-514
Type amazon
Reporter Amazon
Modified 2015-04-22T16:14:00

Description

Issue Overview:

It was discovered that libcurl could incorrectly reuse NTLM-authenticated connections for subsequent unauthenticated requests to the same host. If an application using libcurl established an NTLM-authenticated connection to a server, and sent subsequent unauthenticed requests to the same server, the unauthenticated requests could be sent over the NTLM-authenticated connection, appearing as if they were sent by the NTLM authenticated user. (CVE-2015-3143 __)

It was discovered that libcurl could incorrectly reuse Negotiate authenticated HTTP connections for subsequent requests. If an application using libcurl established a Negotiate authenticated HTTP connection to a server and sent subsequent requests with different credentials, the connection could be re-used with the initial set of credentials instead of using the new ones. (CVE-2015-3148 __)

It was discovered that libcurl did not properly process cookies with a specially crafted "path" element. If an application using libcurl connected to a malicious HTTP server sending specially crafted "Set-Cookies" headers, this could lead to an out-of-bounds read, and possibly cause that application to crash. (CVE-2015-3145 __)

It was discovered that libcurl did not properly process zero-length host names. If an attacker could trick an application using libcurl into processing zero-length host names, this could lead to an out-of-bounds read, and possibly cause that application to crash. (CVE-2015-3144 __)

Affected Packages:

curl

Issue Correction:
Run yum update curl to update your system.

New Packages:

i686:  
    curl-7.40.0-3.50.amzn1.i686  
    curl-debuginfo-7.40.0-3.50.amzn1.i686  
    libcurl-devel-7.40.0-3.50.amzn1.i686  
    libcurl-7.40.0-3.50.amzn1.i686

src:  
    curl-7.40.0-3.50.amzn1.src

x86_64:  
    curl-7.40.0-3.50.amzn1.x86_64  
    libcurl-7.40.0-3.50.amzn1.x86_64  
    curl-debuginfo-7.40.0-3.50.amzn1.x86_64  
    libcurl-devel-7.40.0-3.50.amzn1.x86_64