Lucene search

K
osvGoogleOSV:USN-6429-3
HistoryOct 17, 2023 - 11:22 a.m.

curl vulnerabilities

2023-10-1711:22:48
Google
osv.dev
9
curl
vulnerabilities
ubuntu 23.10
socks5
proxy
arbitrary code
cookies
local attacker
cve-2023-38545
cve-2023-38546
security advisory

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

70.8%

USN-6429-1 fixed vulnerabilities in curl. This update provides the
corresponding updates for Ubuntu 23.10.

Original advisory details:

Jay Satiro discovered that curl incorrectly handled hostnames when using a
SOCKS5 proxy. In environments where curl is configured to use a SOCKS5
proxy, a remote attacker could possibly use this issue to execute arbitrary
code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-38545)

It was discovered that curl incorrectly handled cookies when an application
duplicated certain handles. A local attacker could possibly create a cookie
file and inject arbitrary cookies into subsequent connections.
(CVE-2023-38546)

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

70.8%