Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-16890

Опубликовано: 06 фев. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (lib/vauth/ntlm.c:ntlm_decode_type2_target) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

РелизСтатусПримечание
bionic

released

7.58.0-2ubuntu3.6
cosmic

released

7.61.0-1ubuntu2.3
devel

released

7.64.0-1ubuntu1
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

released

7.58.0-2ubuntu3.6
esm-infra/xenial

released

7.47.0-1ubuntu2.12
precise/esm

not-affected

code not present
trusty

not-affected

code not present
trusty/esm

not-affected

code not present
upstream

released

7.64.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 80%
0.01424
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-16890

CVSS3: 4.3
redhat
больше 6 лет назад

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

nvd логотип

CVE-2018-16890

CVSS3: 7.5
nvd
больше 6 лет назад

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

debian логотип

CVE-2018-16890

CVSS3: 7.5
debian
больше 6 лет назад

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap ...

github логотип

GHSA-53fg-3j53-939q

CVSS3: 7.5
github
больше 3 лет назад

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

fstec логотип

BDU:2019-01750

CVSS3: 7.5
fstec
почти 7 лет назад

Уязвимость функции ntlm_decode_type2_target библиотеки libcurl, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 80%
0.01424
Низкий

5 Medium

CVSS2

7.5 High

CVSS3