CVE-2018-16890
06.02.2019, 20:29
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| haxx | libcurl | 7.36.0 ≤ 𝑥 < 7.64.0 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 9.0 |
| netapp | clustered_data_ontap | * |
| siemens | sinema_remote_connect_client | 𝑥 ≤ 2.0 |
| oracle | communications_operations_monitor | 3.4 |
| oracle | communications_operations_monitor | 4.0 |
| oracle | http_server | 12.2.1.3.0 |
| oracle | secure_global_desktop | 5.4 |
| redhat | enterprise_linux | 8.0 |
| f5 | big-ip_access_policy_manager | 13.1.0 ≤ 𝑥 ≤ 13.1.3 |
| f5 | big-ip_access_policy_manager | 14.0.0 ≤ 𝑥 ≤ 14.1.2 |
| f5 | big-ip_access_policy_manager | 15.0.0 ≤ 𝑥 ≤ 15.0.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| curl |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| libcurl-devel |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| libcurl4 |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| libcurl4-32bit |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References