KLA10750
Data manipulations vulnerability in cURL
Updated: 06/01/2019
Detect date
?
01/29/2016
Severity
?
Warning
Description

Lack of data sanitization was found in cURL command line tool for Windows. By exploiting this vulnerability malicious users can write arbitrary local file. This vulnerability can be exploited remotely via a specially designed file name.


Technical details

cURL does not sanitize colons in a remote file name when options -O or -OJ is used and remote file name contains colons. This vulnerability is exploitable only on Windows cause it’s the only system which interprets colon as mark of drive letter. You can look for multiple technical details, examples and recommendations at original vendor advisory.

Affected products

cURL command line tool for Windows versions earlier than 7.47.0

Solution

Update to the latest version, avoid using -O and -OJ parameters or apply patch listed in original advisory and rebuild.
cURL download page

Original advisories

Vendor advisory

Impacts
?
WLF 
[?]
CVE-IDS
?
CVE-2016-07545.0Critical