CVE-2017-8816

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://security.cucumberlinux.com/security/details.php?id=161	Third Party Advisory
http://www.securityfocus.com/bid/101998	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039896	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040608
https://access.redhat.com/errata/RHSA-2018:3558
https://curl.haxx.se/docs/adv_2017-12e7.html	Mitigation Vendor Advisory
https://security.gentoo.org/glsa/201712-04	Third Party Advisory
https://www.debian.org/security/2017/dsa-4051	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:haxx:curl::::::::
	cpe:2.3:a:haxx:libcurl::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

History

No history.

Information

Published : 2017-11-29 18:29

Updated : 2023-12-10 12:15

NVD link : CVE-2017-8816

Mitre link : CVE-2017-8816

CVE.ORG link : CVE-2017-8816

JSON object : View

Products Affected

haxx

libcurl
curl

debian

debian_linux

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2017-8816", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-11-29T18:29:00.300", "references": [{"url": "http://security.cucumberlinux.com/security/details.php?id=161", "tags": ["Third Party Advisory"], "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/bid/101998", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "http://www.securitytracker.com/id/1039896", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@debian.org"}, {"url": "http://www.securitytracker.com/id/1040608", "source": "security@debian.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:3558", "source": "security@debian.org"}, {"url": "https://curl.haxx.se/docs/adv_2017-12e7.html", "tags": ["Mitigation", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "https://security.gentoo.org/glsa/201712-04", "tags": ["Third Party Advisory"], "source": "security@debian.org"}, {"url": "https://www.debian.org/security/2017/dsa-4051", "tags": ["Third Party Advisory"], "source": "security@debian.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields."}, {"lang": "es", "value": "La caracter\u00edstica de autenticaci\u00f3n NTLM en curl y libcurl en versiones anteriores a la 7.57.0 en plataformas de 32-bits permite que los atacantes provoquen una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de b\u00fafer resultante, y cierre inesperado de la aplicaci\u00f3n) o que, posiblemente, causen otro tipo de impacto sin especificar mediante vectores relacionados con campos user y password largos."}], "lastModified": "2018-11-13T11:29:22.307", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0B36AFF-B48F-4C92-9E65-5BEE2A988057", "versionEndIncluding": "7.56.1", "versionStartExcluding": "7.36.0"}, {"criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "116D6861-406B-451F-8CE1-43BFBB818783", "versionEndIncluding": "7.56.1", "versionStartIncluding": "7.36.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}], "sourceIdentifier": "security@debian.org"}