KLA10750
Data manipulations vulnerability in cURL
Обновлено: 17/06/2019
Дата обнаружения
29/01/2016
Уровень угрозы
Warning
Описание

Lack of data sanitization was found in cURL command line tool for Windows. By exploiting this vulnerability malicious users can write arbitrary local file. This vulnerability can be exploited remotely via a specially designed file name.


Technical details

cURL does not sanitize colons in a remote file name when options -O or -OJ is used and remote file name contains colons. This vulnerability is exploitable only on Windows cause it’s the only system which interprets colon as mark of drive letter. You can look for multiple technical details, examples and recommendations at original vendor advisory.

Пораженные продукты

cURL command line tool for Windows versions earlier than 7.47.0

Решение

Update to the latest version, avoid using -O and -OJ parameters or apply patch listed in original advisory and rebuild.
cURL download page

Первичный источник обнаружения
Vendor advisory
Оказываемое влияние
?
WLF 
[?]
CVE-IDS
CVE-2016-07545.0Critical