Veracode Vulnerability Database, VERACODE:43760
Oct 11, 2023 - 2:40 p.m.

Heap Buffer Overflow

2023-10-11 14:40:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
curl
vulnerability
socks5
proxy
handshake
heap buffer overflow
arbitrary code execution
software

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.003
Percentile: 70.6%

curl is vulnerable to a heap buffer overflow in the SOCKS5 proxy handshake. If the hostname is longer than 255 bytes, curl switches to local name resolution and passes the resolved address to the proxy. However, if the SOCKS5 handshake is slow, the long hostname is copied directly into the buffer, resulting in a heap buffer overflow and possible arbitrary code execution.
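
The 255-byte limit above matches the SOCKS5 request format (RFC 1928), in which a domain-name destination is preceded by a one-byte length field. The following is an added example, not curl's code: a hypothetical `socks5_build_connect` helper (name, buffer size and sample hostnames are assumptions) that validates every length before copying and rejects a hostname that does not fit.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SOCKS5_MAX_HOST 255            /* one-byte length field (RFC 1928) */
#define SOCKS5_REQ_MAX  (4 + 1 + SOCKS5_MAX_HOST + 2)

/* Hypothetical helper: encode a SOCKS5 CONNECT request with a DOMAINNAME
 * destination into out[]. Returns bytes written, or -1 if the hostname is
 * empty, too long for the length octet, or the buffer is too small.
 * Nothing is copied until every length has been checked. */
int socks5_build_connect(uint8_t *out, size_t outlen,
                         const char *host, uint16_t port)
{
    if (host == NULL || out == NULL)
        return -1;
    size_t hlen = strlen(host);
    if (hlen == 0 || hlen > SOCKS5_MAX_HOST)
        return -1;                     /* caller must resolve locally or fail */
    if (outlen < 4 + 1 + hlen + 2)
        return -1;                     /* destination buffer too small */

    size_t i = 0;
    out[i++] = 0x05;                   /* VER: SOCKS5 */
    out[i++] = 0x01;                   /* CMD: CONNECT */
    out[i++] = 0x00;                   /* RSV */
    out[i++] = 0x03;                   /* ATYP: DOMAINNAME */
    out[i++] = (uint8_t)hlen;          /* safe: hlen <= 255 */
    memcpy(out + i, host, hlen);
    i += hlen;
    out[i++] = (uint8_t)(port >> 8);   /* port, network byte order */
    out[i++] = (uint8_t)(port & 0xff);
    return (int)i;
}

int main(void)
{
    uint8_t req[SOCKS5_REQ_MAX];
    char long_host[301];               /* constructed 300-byte hostname */
    memset(long_host, 'a', 300);
    long_host[300] = '\0';

    printf("example.com   -> %d\n",
           socks5_build_connect(req, sizeof req, "example.com", 443));
    printf("300-byte host -> %d\n",
           socks5_build_connect(req, sizeof req, long_host, 443));
    return 0;
}
```

The length decision is made inside the encoder on every call, so it cannot be bypassed by state that changes between handshake steps.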
